Courtney Miller, Mahmoud Jahanshahi, Audris Mockus, Bogdan Vasilescu, Christian Kästner.
Understanding the Response to Open-Source Dependency Abandonment in the npm Ecosystem.
IEEE/ACM International Conference of Software Engineering (ICSE), 2025.
We perform a large-scale quantitative analysis of all widely-used npm packages and find that abandonment is common among them, that abandonment exposes many projects which often do not respond, that responses correlate with other dependency management practices, and that removal is significantly faster when a package’s end-of-life status is explicitly stated. We end with recommendations to both researchers and practitioners who are facing dependency abandonment or are sunsetting packages, such as opportunities for low-effort transparency mechanisms to help exposed projects make better, more informed decisions.
Paper / Supplementary Material / Infographic / Details
Lina Boughton, Courtney Miller, Yasemin Acar, Dominik Wermke, and Christian Kästner.
Decomposing and Measuring Trust in Open-Source Software Supply Chains.
IEEE/ACM International Conference of Software Engineering -- New Ideas Track (ICSE-NIER), 2024.
Trust is integral for the successful and secure functioning of software supply chains, making it important to measure the state and evolution of trust in open source communities. However, existing security and supply chain research often studies the concept of trust without a clear definition and relies on obvious and easily available signals like GitHub stars without deeper grounding. In this paper, we explore how to measure trust in open source supply chains with the goal of developing robust measures for trust based on the behaviors of developers in the community. To this end, we contribute a process for decomposing trust in a complex large-scale system into key trust relationships, systematically identifying behavior-based indicators for the components of trust for a given relationship, and in turn operationalizing data-driven metrics for those indicators, allowing for the wide-scale measurement of trust in practice.
Paper / Supplementary Material / DOI
Courtney Miller, Christian Kästner, Bogdan Vasilescu. "We Feel Like We're Winging It:" A Study on Navigating Open-Source Dependency Abandonment. ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE), 2023.
We conduct semi-structured, in-depth interviews with 33 developers who have experienced open-source dependency abandonment and perform iterative qualitative content analysis to collect, curate, and contextualize the experiences and practices of developers who have dealt with open-source dependency abandonment.
Paper / Slides / Presentation Video / Supplementary Material / Details
Emily Nguyen.
Do All Software Projects Die When Not Maintained? Analyzing Developer Maintenance to Predict OSS Usage.
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering -- Student Research Competition (ESEC/FSE-SRC), 2023.
Past research suggests software should be continuously maintained in order to remain useful in our digital society. To determine whether these studies on software evolution are supported in modern-day software libraries, we conduct a natural experiment on 26,050 GitHub repositories, statistically modeling library usage based on their package-level downloads against different factors related to project maintenance.
Paper / DOI
Katrina Wilson.
Clearing the Trail: Motivations for Maintenance Work in Open Source.
IEEE/ACM International Conference on Systems, Programming, Languages, and Applications: Software for Humanity -- Student Research Competition (SPLASH-SRC), 2023.
Introducing new maintainers to established projects is critical to the long-term sustainability of open-source projects. Yet, we have little understanding of what motivates developers to join and maintain already established projects. Previous research on volunteering motivations emphasizes that individuals are motivated by a unique set of factors to volunteer in a specific area, suggesting that the motivations behind open-source contributions also depend on the nature of the work. We aim to determine correlations between types of open-source contributions and their specific motivators through surveys of open-source contributors.
DOI
Courtney Miller, Sophie Cohen, Daniel Klug, Bogdan Vasilescu, Christian Kästner.
"Did You Miss My Comment or What?" Understanding Toxicity in Open Source Discussions.
IEEE/ACM International Conference of Software Engineering (ICSE), 2022.
We take a first stride at understanding the characteristics of open source toxicity to better inform future work on designing effective intervention and detection methods. We curate and qualitatively analyze a sample of 100 toxic GitHub issue discussions to gain an understanding of the characteristics of open-source toxicity.
Paper / Slides / Presentation Video / Infographic / Details
Kimberly Truong, Courtney Miller, Bogdan Vasilescu, and Christian Kästner.
The Unsolvable Problem or the Unheard Answer? A Dataset of 24,669 Open-Source Software Conference Talks.
IEEE/ACM International Conference on Mining Software Repositories (MSR), 2022.
Talks at practitioner-focused open-source software conferences are a valuable source of information for software engineering researchers. They provide a pulse of the community and are valuable source material for grey literature analysis. We curated a dataset of 24,669 talks from 87 open-source conferences between 2010 and 2021. We stored all relevant metadata from these conferences and provide scripts to collect the transcripts. We believe this data is useful for answering many kinds of questions, such as: What are the important/highly discussed topics within practitioner communities? How do practitioners interact? And how do they present themselves to the public? We demonstrate the usefulness of this data by reporting our findings from two small studies: a topic model analysis providing an overview of open-source community dynamics since 2011 and a qualitative analysis of a smaller community-oriented sample within our dataset to gain a better understanding of why contributors leave open-source software.
Paper / DOI
Philip Gray.
To Disengage or Not to Disengage: A Look at Contributor Disengagement in Open Source Software.
IEEE/ACM International Conference of Software Engineering -- Student Research Competition (ICSE-SRC), 2022.
Contributors are vital to the sustainability of open source ecosystems, and disengagement threatens that sustainability. We seek to protect and strengthen open source communities through a better and more robust way of defining and identifying contributor disengagement in open source communities. To do this we, collected a large amount of gray literature on contributor disengagement, and performed a qualitative analysis to better our understanding of why contributors disengage.
Paper / DOI
Kimberly Truong.
Let’s Talk Open-Source — An Analysis of Conference Talks and Community Dynamics.
IEEE/ACM International Conference of Software Engineering -- Student Research Competition (ICSE-SRC), 2022, first place.
Open-source software has integrated itself into our daily lives, impacting 78% of US companies in 2015. Past studies of open-source community dynamics have found motivations behind contributions and the significance of community engagement, but there are still many aspects not well understood. There’s a direct correlation between the success of an open-source project and the social interactions within its community. Most projects depend on a small group. To sustain open-source, we need to better understand how contributors interact, what information is shared, and what concerns practitioners have. We study common topics, how these have changed over time (2011 - 2021), and what social issues have appeared within open-source communities.
Paper / DOI
Courtney Miller, Paige Rodeghero, Margaret-Anne Storey, Denae Ford, Thomas Zimmermann.
"How Was Your Weekend?" Software Development Teams Working From Home During COVID-19 .
IEEE/ACM International Conference of Software Engineering (ICSE), 2021.
We investigate how development team collaboration, communication, and productivity have been impacted by the rapid shift to remote work during the COVID-19 pandemic. We perform two surveys at a large software company to identify the challenges relating to inter and intra team collaboration and communication and use statistical modeling to quantify how those challenges impact changes in self-reported productivity levels.
Paper / Slides / Presentation Video / Supplementary Material / Details
Courtney Miller, David Gray Widder, Christian Kästner, Bogdan Vasilescu.
Why Do People Give Up FLOSSing? A Study of Contributor Disengagement in Open Source.
IFIP International Conference on Open Source Systems (OSS), 2019.
We conduct a mixed-methods empirical study, combining surveys and survival modeling, to identify the reasons and predictive factors behind established open source contributor project disengagement.
Paper / Slides / Details