Fine-grained and accurate source code differencing

Falleri, Jean‐Rémy; Morandat, Floréal; Blanc, Xavier; Martínez, Matías; Monperrus, Martin

doi:10.1145/2642937.2642982

“…Regarding maintainer information (DL4000) we detected diverging results across the different segments of the population. 15.9% of all Dockerfiles do not use the MAINTAINER instruction specifying both name and email address of the developer responsible for the image. Interestingly, for popular projects, this best practice is violated more often with 21.7% for the Top-100 and 19.8% for the Top-1000 repositories.…”

Section: Quality Of Dockerfiles and Standard Compliance A Most VImentioning

confidence: 99%

An empirical analysis of the Docker container ecosystem on GitHub

Cito

¹

,

Schermann

²

,

Wittern

³

et al. 2017

Preprint

View full text Add to dashboard Cite

Abstract-Docker allows packaging an application with its dependencies into a standardized, self-contained unit (a so-called container), which can be used for software development and to run the application on any system. Dockerfiles are declarative definitions of an environment that aim to enable reproducible builds of the container. They can often be found in source code repositories and enable the hosted software to come to life in its execution environment. We conduct an exploratory empirical study with the goal of characterizing the Docker ecosystem, prevalent quality issues, and the evolution of Dockerfiles. We base our study on a data set of over 70000 Dockerfiles, and contrast this general population with samplings that contain the Top-100 and Top-1000 most popular Docker-using projects. We find that most quality issues (28.6%) arise from missing version pinning (i.e., specifying a concrete version for dependencies). Further, we were not able to build 34% of Dockerfiles from a representative sample of 560 projects. Integrating quality checks, e.g., to issue version pinning warnings, into the container build process could result into more reproducible builds. The most popular projects change more often than the rest of the Docker population, with 5.81 revisions per year and 5 lines of code changed on average. Most changes deal with dependencies, that are currently stored in a rather unstructured manner. We propose to introduce an abstraction that, for instance, could deal with the intricacies of different package managers and could improve migration to more light-weight images.

show abstract

“…Developers could benefit from tooling that allow for structural differencing between two consecutive versions of infrastructure. Similar approaches have already been established for program source code [14], [15].…”

Section: Dependencymentioning

confidence: 92%

An empirical analysis of the Docker container ecosystem on GitHub

Cito

¹

,

Schermann

²

,

Wittern

³

et al. 2017

Preprint

View full text Add to dashboard Cite

Abstract-Docker allows packaging an application with its dependencies into a standardized, self-contained unit (a so-called container), which can be used for software development and to run the application on any system. Dockerfiles are declarative definitions of an environment that aim to enable reproducible builds of the container. They can often be found in source code repositories and enable the hosted software to come to life in its execution environment. We conduct an exploratory empirical study with the goal of characterizing the Docker ecosystem, prevalent quality issues, and the evolution of Dockerfiles. We base our study on a data set of over 70000 Dockerfiles, and contrast this general population with samplings that contain the Top-100 and Top-1000 most popular Docker-using projects. We find that most quality issues (28.6%) arise from missing version pinning (i.e., specifying a concrete version for dependencies). Further, we were not able to build 34% of Dockerfiles from a representative sample of 560 projects. Integrating quality checks, e.g., to issue version pinning warnings, into the container build process could result into more reproducible builds. The most popular projects change more often than the rest of the Docker population, with 5.81 revisions per year and 5 lines of code changed on average. Most changes deal with dependencies, that are currently stored in a rather unstructured manner. We propose to introduce an abstraction that, for instance, could deal with the intricacies of different package managers and could improve migration to more light-weight images.

show abstract

“…The canonical solution for the untyped linear scenario is the well known Unix diff (Hunt and McIlroy 1976). For the tree-structured variation, though, a variety of implementations (Falleri et al 2014;Farinier et al 2015;Hashimoto and Mori 2008) has arisen in the last few years. In this paper, however, we have explored how to exploit the type structure of trees to give a more precise account of our di algorithm.…”

Section: Related Workmentioning

confidence: 99%

Type-directed diffing of structured data

Miraldo

¹

,

Dagand

²

,

Swierstra

³

2017

Proceedings of the 2nd ACM SIGPLAN International Workshop on Type-Driven Development

View full text Add to dashboard Cite

The Unix diff utility that compares lines of text is used pervasively by version control systems. Yet certain changes to a program may be di cult to describe accurately in terms of modi cations to individual lines of code. As a result, observing changes at such a xed granularity may lead to unnecessary con icts between di erent edits. This paper presents a generic representation for describing transformations between algebraic data types and a non-deterministic algorithm for computing such representations. These representations can be used to give a more accurate account of modi cations made to algebraic data structures -and the abstract syntax trees of computer programs in particular -as opposed to only considering modi cations between their textual representations.

show abstract

Fine-grained and accurate source code differencing

Cited by 462 publications

References 33 publications

An empirical analysis of the Docker container ecosystem on GitHub

An empirical analysis of the Docker container ecosystem on GitHub

An empirical analysis of the Docker container ecosystem on GitHub

Type-directed diffing of structured data

Contact Info

Product

Resources

About