Understanding the NPM dependencies ecosystem of a project using virtual reality
Additional information
Authors
Moreno-Lumbreras D.,
González-Barahona J. M.,
Lanza M.
Type
Article in conference proceedings
Year
2023
Language
English
Abstract
Modern JavaScript development relies heavily on using Node Package Manager (NPM) modules. These modules are related by dependency relationships, possibly requiring dozens or hundreds of modules to build a complete JavaScript web application. Studying dependencies, in terms of their sustainability, vulnerability, size, defects, etc., is fundamental for the deployment and maintenance of JavaScript web applications. We use a 3D metaphor based on presenting dependencies as an “elevated city”, mapping both dependency relationships and characteristics of interest of each module. We developed a VR (virtual reality) scene representing the dependencies of several web applications using the elevated city metaphor, and exposed industrial experts to it to check its suitability. They explored a medium-sized project, with more than 200 dependencies, sharing their insights. The results highlight different aspects of our approach and how the combination of metrics helps experts to obtain insights from the ecosystem. The feedback shows the usefulness of the visualization to check and explore several aspects of the dependencies of an application, helping to identify problems related to maintainability, license usage, or vulnerabilities, and to design strategies to address them.
Keywords
Virtual reality, Elevated city, Software visualization, Ecosystem , NPM dependencies
Conference proceedings
2023 IEEE Working Conference on Software Visualization (VISSOFT)
Pages (or article number)
84-94
Diffusion
License
License undefined
Visibility
Public
Status open access
Green
