2020
DOI: 10.1007/s10664-019-09785-8
|View full text |Cite
|
Sign up to set email alerts
|

An empirical characterization of bad practices in continuous integration

Abstract: Continuous Integration (CI) has been claimed to introduce several benefits in software development, including high software quality and reliability. However, recent work pointed out challenges, barriers and bad practices characterizing its adoption. This paper empirically investigates what are the bad practices experienced by developers applying CI. The investigation has been conducted by leveraging semi-structured interviews of 13 experts and mining more than 2,300 Stack Overflow posts. As a result, we compil… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
38
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
3
1

Relationship

2
7

Authors

Journals

citations
Cited by 62 publications
(38 citation statements)
references
References 38 publications
0
38
0
Order By: Relevance
“…Rompaey et al [68] defined the symptoms of poorly designed tests as test smells. Zampetti et al [69] categorized the bad practices followed in the continuous integration process. In the future, other steps/processes within the software development life cycle can be investigated to detect and avoid the smells.…”
Section: Implications For Industry and Software Engineering Practicementioning
confidence: 99%
“…Rompaey et al [68] defined the symptoms of poorly designed tests as test smells. Zampetti et al [69] categorized the bad practices followed in the continuous integration process. In the future, other steps/processes within the software development life cycle can be investigated to detect and avoid the smells.…”
Section: Implications For Industry and Software Engineering Practicementioning
confidence: 99%
“…Developers typically hope that the community at large will find and report vulnerabilities quickly, but past attacks remained undetected for months or caused significant damage within short periods. Current static analysis and anomaly detection tools detect usually only very specific issues and produce many false alarms [18,31,66,80]. • Tracking known vulnerabilities: Many third-party services scan the dependency tree of Node.js applications for known vulnerabilities (e.g., Snyk.io, npm, GitHub).…”
Section: Thmentioning
confidence: 99%
“…I also discuss negative phenomena per CI practice and augment them with Duvall's catalog of CI practice anti-patterns [59]. Similarly to Zampetti et al [60], I use Duvall's anti-patterns to categorize incorrect applications of a practice in the sense that negative outcomes resulting from these anti-patterns could be considered risks or backlash. For the remainder of this section, benets refer to positive eects attributed to particular practices, while challenges refer to impediments to practice application as well as negative eects resulting from practice application.…”
Section: Practice Benets and Challengesmentioning
confidence: 99%
“…Thus, it comes as no surprise that this codebase structure results in lengthy build times [61,63]. And while Zampetti et al [60] do discuss issues related to codebase structure, these are typically mentioned in a design context as opposed to how it may aect build time or complexity.…”
Section: Challengesmentioning
confidence: 99%