Trusting code in the wild: A social network-based centrality rating for
developers in the Rust ecosystem
- URL: http://arxiv.org/abs/2306.00240v1
- Date: Wed, 31 May 2023 23:24:03 GMT
- Title: Trusting code in the wild: A social network-based centrality rating for
developers in the Rust ecosystem
- Authors: Nasif Imtiaz, Preya Shabrina, Laurie Williams
- Abstract summary: This study builds a social network of 6,949 developers across the collaboration activity from 1,644 Rust packages.
We evaluate if code coming from a developer with a higher centrality rating is likely to be accepted with lesser scrutiny by the downstream projects.
- Score: 1.3581810800092387
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: As modern software extensively uses open source packages, developers
regularly pull in new upstream code through frequent updates. While a manual
review of all upstream changes may not be practical, developers may rely on the
authors' and reviewers' identities, among other factors, to decide what level
of review the new code may require. The goal of this study is to help
downstream project developers prioritize review efforts for upstream code by
providing a social network-based centrality rating for the authors and
reviewers of that code. To that end, we build a social network of 6,949
developers across the collaboration activity from 1,644 Rust packages. Further,
we survey the developers in the network to evaluate if code coming from a
developer with a higher centrality rating is likely to be accepted with lesser
scrutiny by the downstream projects and, therefore, is perceived to be more
trusted. Our results show that 97.7\% of the developers from the studied
packages are interconnected via collaboration, with each developer separated
from another via only four other developers in the network. The interconnection
among developers from different Rust packages establishes the ground for
identifying the central developers in the ecosystem. Our survey responses
($N=206$) show that the respondents are more likely to not differentiate
between developers in deciding how to review upstream changes (60.2\% of the
time). However, when they do differentiate, our statistical analysis showed a
significant correlation between developers' centrality ratings and the level of
scrutiny their code might face from the downstream projects, as indicated by
the respondents.
Related papers
- OpenDevin: An Open Platform for AI Software Developers as Generalist Agents [109.8507367518992]
We introduce OpenDevin, a platform for the development of AI agents that interact with the world in similar ways to those of a human developer.
We describe how the platform allows for the implementation of new agents, safe interaction with sandboxed environments for code execution, and incorporation of evaluation benchmarks.
arXiv Detail & Related papers (2024-07-23T17:50:43Z) - Trusting code in the wild: Exploring contributor reputation measures to review dependencies in the Rust ecosystem [1.0310977366592338]
We use network centrality measures to proxy contributor reputation using collaboration activity.
We find that only 24% of respondents often review dependencies before adding or updating a package.
We recommend that ecosystems like GitHub, Rust, and npm implement a contributor reputation badge to aid developers in dependency reviews.
arXiv Detail & Related papers (2024-06-14T16:13:58Z) - Multi-Agent Software Development through Cross-Team Collaboration [30.88149502999973]
We introduce Cross-Team Collaboration (CTC), a scalable multi-team framework for software development.
CTC enables orchestrated teams to jointly propose various decisions and communicate with their insights.
Results show a notable increase in quality compared to state-of-the-art baselines.
arXiv Detail & Related papers (2024-06-13T10:18:36Z) - The AI Community Building the Future? A Quantitative Analysis of Development Activity on Hugging Face Hub [2.595302141947391]
We analyse development activity on the Hugging Face (HF) Hub, a popular platform for building, sharing, and demonstrating models.
Activity is imbalanced between repositories; for example, over 70% of models have 0 downloads, while 1% account for 99% of downloads.
We find that the community has a core-periphery structure, with a core of prolific developers and a majority of isolate developers.
arXiv Detail & Related papers (2024-05-20T11:10:49Z) - When LLM-based Code Generation Meets the Software Development Process [50.82665351100067]
This paper introduces LCG, a code generation framework inspired by established software engineering practices.
LLM agents emulate various software process models, namely LCGWaterfall, LCGTDD, and LCGScrum.
We evaluate LCG across four code generation benchmarks: HumanEval, HumanEval-ET, MBPP, and MBPP-ET.
arXiv Detail & Related papers (2024-03-23T14:04:48Z) - Collaborative, Code-Proximal Dynamic Software Visualization within Code
Editors [55.57032418885258]
This paper introduces the design and proof-of-concept implementation for a software visualization approach that can be embedded into code editors.
Our contribution differs from related work in that we use dynamic analysis of a software system's runtime behavior.
Our visualization approach enhances common remote pair programming tools and is collaboratively usable by employing shared code cities.
arXiv Detail & Related papers (2023-08-30T06:35:40Z) - Who is the Real Hero? Measuring Developer Contribution via
Multi-dimensional Data Integration [8.735393610868435]
We propose CValue, a multidimensional information fusion-based approach to measure developer contributions.
CValue extracts both syntax and semantic information from the source code changes in four dimensions.
It fuses the information to produce the contribution score for each of the commits in the projects.
arXiv Detail & Related papers (2023-08-17T13:57:44Z) - The GitHub Development Workflow Automation Ecosystems [47.818229204130596]
Large-scale software development has become a highly collaborative endeavour.
This chapter explores the ecosystems of development bots and GitHub Actions.
It provides an extensive survey of the state-of-the-art in this domain.
arXiv Detail & Related papers (2023-05-08T15:24:23Z) - Code Recommendation for Open Source Software Developers [32.181023933552694]
CODER is a novel graph-based code recommendation framework for open source software developers.
Our framework achieves superior performance under various experimental settings, including intra-project, cross-project, and cold-start recommendation.
arXiv Detail & Related papers (2022-10-15T16:40:36Z) - Personalized multi-faceted trust modeling to determine trust links in
social media and its potential for misinformation management [61.88858330222619]
We present an approach for predicting trust links between peers in social media.
We propose a data-driven multi-faceted trust modeling which incorporates many distinct features for a comprehensive analysis.
Illustrated in a trust-aware item recommendation task, we evaluate the proposed framework in the context of a large Yelp dataset.
arXiv Detail & Related papers (2021-11-11T19:40:51Z) - Deep Just-In-Time Inconsistency Detection Between Comments and Source
Code [51.00904399653609]
In this paper, we aim to detect whether a comment becomes inconsistent as a result of changes to the corresponding body of code.
We develop a deep-learning approach that learns to correlate a comment with code changes.
We show the usefulness of our approach by combining it with a comment update model to build a more comprehensive automatic comment maintenance system.
arXiv Detail & Related papers (2020-10-04T16:49:28Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.