{"id":"https://openalex.org/W4225163285","doi":"https://doi.org/10.1145/3522587","title":"There\u2019s no Such Thing as a Free Lunch: Lessons Learned from Exploring the Overhead Introduced by the Greenkeeper Dependency Bot in Npm","display_name":"There\u2019s no Such Thing as a Free Lunch: Lessons Learned from Exploring the Overhead Introduced by the Greenkeeper Dependency Bot in Npm","publication_year":2022,"publication_date":"2022-04-30","ids":{"openalex":"https://openalex.org/W4225163285","doi":"https://doi.org/10.1145/3522587"},"language":"en","primary_location":{"id":"doi:10.1145/3522587","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3522587","pdf_url":null,"source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103181376","display_name":"Benjamin Rombaut","orcid":"https://orcid.org/0000-0001-5947-2684"},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Benjamin Rombaut","raw_affiliation_strings":["Software Analysis and Intelligence Lab (SAIL) at Queen\u2019s University, Kingston, Canada","Software Analysis and Intelligence Lab (SAIL) at Queen's University, Kingston, Canada"],"raw_orcid":"https://orcid.org/0000-0001-5947-2684","affiliations":[{"raw_affiliation_string":"Software Analysis and Intelligence Lab (SAIL) at Queen\u2019s University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]},{"raw_affiliation_string":"Software Analysis and Intelligence Lab (SAIL) at Queen's University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032675988","display_name":"Filipe R. Cogo","orcid":"https://orcid.org/0000-0002-5494-685X"},"institutions":[{"id":"https://openalex.org/I4210115038","display_name":"Huawei Technologies (Canada)","ror":"https://ror.org/026venb53","country_code":"CA","type":"company","lineage":["https://openalex.org/I2250955327","https://openalex.org/I4210115038"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Filipe R. Cogo","raw_affiliation_strings":["Centre for Software Excellence (CSE) at Huawei, Kingston, Canada"],"raw_orcid":"https://orcid.org/0000-0002-5494-685X","affiliations":[{"raw_affiliation_string":"Centre for Software Excellence (CSE) at Huawei, Kingston, Canada","institution_ids":["https://openalex.org/I4210115038"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058164381","display_name":"Bram Adams","orcid":"https://orcid.org/0000-0001-7213-4006"},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Bram Adams","raw_affiliation_strings":["Lab on Maintenance, Construction, and Intelligence of Software (MCIS) at Queen\u2019s University, Kingston, Canada","Lab on Maintenance, Construction, and Intelligence of Software (MCIS) at Queen's University, Kingston, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Lab on Maintenance, Construction, and Intelligence of Software (MCIS) at Queen\u2019s University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]},{"raw_affiliation_string":"Lab on Maintenance, Construction, and Intelligence of Software (MCIS) at Queen's University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091586373","display_name":"Ahmed E. Hassan","orcid":"https://orcid.org/0000-0001-7749-5513"},"institutions":[{"id":"https://openalex.org/I204722609","display_name":"Queen's University","ror":"https://ror.org/02y72wh86","country_code":"CA","type":"education","lineage":["https://openalex.org/I204722609"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Ahmed E. Hassan","raw_affiliation_strings":["Software Analysis and Intelligence Lab (SAIL) at Queen\u2019s University, Kingston, Canada","Software Analysis and Intelligence Lab (SAIL) at Queen's University, Kingston, Canada"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Software Analysis and Intelligence Lab (SAIL) at Queen\u2019s University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]},{"raw_affiliation_string":"Software Analysis and Intelligence Lab (SAIL) at Queen's University, Kingston, Canada","institution_ids":["https://openalex.org/I204722609"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5103181376"],"corresponding_institution_ids":["https://openalex.org/I204722609"],"apc_list":null,"apc_paid":null,"fwci":3.8233,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.94008991,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"32","issue":"1","first_page":"1","last_page":"40"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9940999746322632,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10430","display_name":"Software Engineering Techniques and Practices","score":0.9818000197410583,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8698204159736633},{"id":"https://openalex.org/keywords/dependency","display_name":"Dependency (UML)","score":0.8468308448791504},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.6581190824508667},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5838467478752136},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5101630687713623},{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.4792901873588562},{"id":"https://openalex.org/keywords/action","display_name":"Action (physics)","score":0.4712831377983093},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.43687915802001953},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3640925884246826},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.34746962785720825},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3308030068874359}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8698204159736633},{"id":"https://openalex.org/C19768560","wikidata":"https://www.wikidata.org/wiki/Q320727","display_name":"Dependency (UML)","level":2,"score":0.8468308448791504},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.6581190824508667},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5838467478752136},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5101630687713623},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.4792901873588562},{"id":"https://openalex.org/C2780791683","wikidata":"https://www.wikidata.org/wiki/Q846785","display_name":"Action (physics)","level":2,"score":0.4712831377983093},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.43687915802001953},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3640925884246826},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.34746962785720825},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3308030068874359},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3522587","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3522587","pdf_url":null,"source":{"id":"https://openalex.org/S142627899","display_name":"ACM Transactions on Software Engineering and Methodology","issn_l":"1049-331X","issn":["1049-331X","1557-7392"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Software Engineering and Methodology","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":58,"referenced_works":["https://openalex.org/W1792587773","https://openalex.org/W1902482618","https://openalex.org/W1980165883","https://openalex.org/W2037797835","https://openalex.org/W2053154970","https://openalex.org/W2076646346","https://openalex.org/W2084706776","https://openalex.org/W2104086546","https://openalex.org/W2108161968","https://openalex.org/W2133012565","https://openalex.org/W2163048279","https://openalex.org/W2164777277","https://openalex.org/W2170021941","https://openalex.org/W2295687471","https://openalex.org/W2337042987","https://openalex.org/W2400282174","https://openalex.org/W2440056063","https://openalex.org/W2546705944","https://openalex.org/W2548749170","https://openalex.org/W2603712331","https://openalex.org/W2607296448","https://openalex.org/W2615381372","https://openalex.org/W2740279154","https://openalex.org/W2756188544","https://openalex.org/W2767231363","https://openalex.org/W2783404025","https://openalex.org/W2796104318","https://openalex.org/W2801591443","https://openalex.org/W2803395207","https://openalex.org/W2831080282","https://openalex.org/W2886465534","https://openalex.org/W2898651898","https://openalex.org/W2899117127","https://openalex.org/W2945486631","https://openalex.org/W2953482240","https://openalex.org/W2953795759","https://openalex.org/W2955449396","https://openalex.org/W2963923573","https://openalex.org/W2967160941","https://openalex.org/W2989443621","https://openalex.org/W3000045849","https://openalex.org/W3017863658","https://openalex.org/W3087802366","https://openalex.org/W3088906194","https://openalex.org/W3089614391","https://openalex.org/W3099458900","https://openalex.org/W3102273185","https://openalex.org/W3105541703","https://openalex.org/W3109947658","https://openalex.org/W3121596715","https://openalex.org/W3133846306","https://openalex.org/W3160570248","https://openalex.org/W3177321543","https://openalex.org/W3196126762","https://openalex.org/W4256420017","https://openalex.org/W4256607842","https://openalex.org/W4287281681","https://openalex.org/W4296394699"],"related_works":["https://openalex.org/W63071447","https://openalex.org/W2992516105","https://openalex.org/W1529400504","https://openalex.org/W2888625260","https://openalex.org/W65617392","https://openalex.org/W2028024605","https://openalex.org/W2149198389","https://openalex.org/W2360883279","https://openalex.org/W3120899676","https://openalex.org/W2767525681"],"abstract_inverted_index":{"Dependency":[0],"management":[1,57,83,210],"bots":[2,58,211],"are":[3],"increasingly":[4],"being":[5],"used":[6,85],"to":[7,15,32,50,54,149,172,198,216,219,247,258,261],"support":[8],"the":[9,41,52,92,160,184,193,200,221,227,239,243],"software":[10,89],"development":[11],"process,":[12],"for":[13,65,101],"example,":[14],"automatically":[16,165],"update":[17,140,148],"a":[18,21,80,111,130,138,145,155],"dependency":[19,56,82,139,147,195,209,263],"when":[20],"new":[22],"version":[23],"is":[24,29,49,99,154,164],"available.":[25],"Yet,":[26],"human":[27],"intervention":[28],"often":[30],"required":[31],"either":[33],"accept":[34],"or":[35,39],"reject":[36],"any":[37],"action":[38,136],"recommendation":[40],"bot":[42,84],"creates.":[43],"In":[44],"this":[45],"article,":[46],"our":[47,204],"objective":[48],"study":[51],"extent":[53],"which":[55,153],"create":[59],"additional,":[60],"and":[61,163,252],"sometimes":[62],"unnecessary,":[63],"work":[64],"their":[66],"users.":[67],"To":[68],"accomplish":[69],"this,":[70],"we":[71,179,206],"analyze":[72],"93,196":[73],"issue":[74,189],"reports":[75,190],"opened":[76],"by":[77,120,167,187,226],"Greenkeeper":[78,98,133,168,188],",":[79,169],"popular":[81],"in":[86,91,107],"open":[87],"source":[88],"projects":[90],"npm":[93],"ecosystem.":[94],"We":[95],"find":[96],"that":[97,116,158,181,208],"responsible":[100],"half":[102],"of":[103,114,124,132,183,223,235,242],"all":[104],"issues":[105,126],"reported":[106],"client":[108],"projects,":[109],"inducing":[110],"significant":[112],"amount":[113,222],"overhead":[115,162],"must":[117],"be":[118,174,214],"addressed":[119],"clients,":[121],"since":[122],"many":[123],"these":[125],"were":[127],"created":[128],"as":[129],"result":[131],"taking":[134],"incorrect":[135],"on":[137,203],"(i.e.,":[141],"false":[142,250],"alarms).":[143],"Reverting":[144],"broken":[146],"an":[150,175],"older":[151],"version,":[152],"potential":[156],"solution":[157],"requires":[159],"least":[161],"attempted":[166],"turns":[170],"out":[171],"not":[173],"effective":[176,256],"mechanism.":[177],"Finally,":[178],"observe":[180],"56%":[182],"commits":[185],"referenced":[186],"only":[191,238],"change":[192],"client\u2019s":[194,244],"specification":[196],"file":[197],"resolve":[199,262],"issue.":[201],"Based":[202],"findings,":[205],"argue":[207],"should":[212],"(i)":[213],"configurable":[215],"allow":[217],"clients":[218,260],"reduce":[220],"generated":[224],"activity":[225],"bots,":[228],"(ii)":[229],"take":[230],"into":[231],"consideration":[232],"more":[233,255],"sources":[234],"information":[236],"than":[237],"pass/fail":[240],"status":[241],"build":[245],"pipeline":[246],"help":[248],"eliminate":[249],"alarms,":[251],"(iii)":[253],"provide":[254],"incentives":[257],"encourage":[259],"issues.":[264]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":3}],"updated_date":"2026-05-21T09:19:25.381259","created_date":"2025-10-10T00:00:00"}