#6339. Can we trust tests to automate dependency updates? A case study of Java Projects

October 2026publication date
Proposal available till 19-05-2025
4 total number of authors per manuscript0 $

The title of the journal is available only for the authors who have already paid for
Journal’s subject area:
Information Systems;
Hardware and Architecture;
Software;
Places in the authors’ list:
place 1place 2place 3place 4
FreeFreeFreeFree
2350 $1200 $1050 $900 $
Contract6339.1 Contract6339.2 Contract6339.3 Contract6339.4
1 place - free (for sale)
2 place - free (for sale)
3 place - free (for sale)
4 place - free (for sale)

Abstract:
Developers are increasingly using services such as Dependabot to automate dependency updates. However, recent research has shown that developers perceive such services as unreliable, as they heavily rely on test coverage to detect conflicts in updates. To understand the prevalence of tests exercising dependencies, we calculate the test coverage of direct and indirect uses of dependencies in 521 well-tested Java projects.
Keywords:
Dependency management; Library updates; Package management; Semantic versioning; Software migration

Contacts :
0