Augmenting Library Development by Mining Usage Data from Downstream Dependencies

Software and its dependencies build up a graph where edges connect packages with their dependencies. In this graph, downstream dependencies are all the nodes that depend on a package of interest. Although gathering and mining such downstream dependencies allow for informed decision-making for a package developer, there is much room for improvement, such as automation and integration of this approach into their development process. This paper makes two contributions: (i) We propose an approach for efficiently gathering downstream dependencies of a single package and extracting usage samples from them using a static type analyzer. (ii) We present a tool that allows npm package developers to survey the aggregated usage data directly in their IDE in an interactive and context-sensitive way. We evaluate the approach and the tool on a selection of open source projects and specific development-related questions with respect to found downstream dependencies, gathering speed, and required storage. Our methods return over 8 000 downstream dependencies for popular packages and process about 12 dependencies per minute. The usage sample extraction offers high precision for basic use cases. The main limitations are the exclusion of unpopular and closed-source downstream dependencies as well as failing analysis when encountering complex build configurations or metaprogramming patterns. To summarize, we show that the tool supports package developers in gathering usage data and surveying the use of their packages and APIs within their downstream dependencies, allowing for informed decision-making.