Laleh Mousavi Eshkevari

REPENT: Analyzing the Nature of Identifier Renamings

Source code lexicon plays a paramount role in software quality: poor lexicon can lead to poor comprehensibility and even increase software fault-proneness. For this reason, renaming a program entity, i.e., altering the entity identifier, is an important activity during software evolution. Developers rename when they feel that the name of an entity is not (anymore) consistent with its functionality, or when such a name may be misleading. A survey that we performed with 71 developers suggests that 39 percent perform renaming from a few times per week to almost every day and that 92 percent of the participants consider that renaming is not straightforward. However, despite the cost that is associated with renaming, renamings are seldom if ever documented-for example, less than 1 percent of the renamings in the five programs that we studied. This explains why participants largely agree on the usefulness of automatically documenting renamings. In this paper we propose REanaming Program ENTities (REPENT), an approach to automatically document-detect and classify-identifier renamings in source code. REPENT detects renamings based on a combination of source code differencing and data flow analyses. Using a set of natural language tools, REPENT classifies renamings into the different dimensions of a taxonomy that we defined. Using the documented renamings, developers will be able to, for example, look up methods that are part of the public API (as they impact client applications), or look for inconsistencies between the name and the implementation of an entity that underwent a high risk renaming (e.g., towards the opposite meaning). We evaluate the accuracy and completeness of REPENT on the evolution history of five open-source Java programs. The study indicates a precision of 88 percent and a recall of 92 percent. In addition, we report an exploratory study investigating and discussing how identifiers are renamed in the five programs, according to our taxonomy.

Physical and conceptual identifier dispersion: Measures and relation to fault proneness

Poorly-chosen identifiers have been reported in the literature as misleading and increasing the program comprehension effort. Identifiers are composed of terms, which can be dictionary words, acronyms, contractions, or simple strings. We conjecture that the use of identical terms in different contexts may increase the risk of faults. We investigate our conjecture using a measure combining term entropy and term context coverage to study whether certain terms increase the odds ratios of methods to be fault-prone. Entropy measures the physical dispersion of terms in a program: the higher the entropy, the more scattered across the program the terms. Context coverage measures the conceptual dispersion of terms: the higher their context coverage, the more unrelated the methods using them. We compute term entropy and context coverage of terms extracted from identifiers in Rhino 1.4R3 and ArgoUML 0.16. We show statistically that methods containing terms with high entropy and context coverage are more fault-prone than others.

An exploratory study of identifier renamings

Identifiers play an important role in source code understandability, maintainability, and fault-proneness. This paper reports a study of identifier renamings in software systems, studying how terms (identifier atomic components) change in source code identifiers. Specifically, the paper (i) proposes a term renaming taxonomy, (ii) presents an approximate lightweight code analysis approach to detect and classify term renamings automatically into the taxonomy dimensions, and (iii) reports an exploratory study of term renamings in two open-source systems, Eclipse-JDT and Tomcat. We thus report evidence that not only synonyms are involved in renamings but also (in a small fraction) more unexpected changes occur: surprisingly, we detected hypernym (a more abstract term, e.g., size vs. length) and hyponym (a more concrete term, e.g., restriction vs. rule) renamings, and antonym renamings (a term replaced with one having the opposite meaning, e.g., closing vs. opening). Despite being only a fraction of all renamings, synonym, hyponym, hypernym, and antonym renamings may hint at some program understanding issues and, thus, could be used in a renamingrecommendation system to improve code quality.

Identifying and locating interference issues in PHP applications: the case of WordPress

The large success of Content management Systems (CMS) such as WordPress is largely due to the rich ecosystem of themes and plugins developed around the CMS that allows users to easily build and customize complex Web applications featuring photo galleries, contact forms, and blog pages. However, the design of the CMS, the plugin-based architecture, and the implicit characteristics of the programming language used to develop them (often PHP), can cause interference or unwanted side effects between the resources declared and used by different plugins. This paper describes the problem of interference between plugins in CMS, specifically those developed using PHP, and outlines an approach combining static and dynamic analysis to detect and locate such interference. Results of a case study conducted over 10 WordPress plugins shows that the analysis can help to identify and locate plugin interference, and thus be used to enhance CMS quality assurance.

Are PHP applications ready for Hack

PHP is by far the most popular WEB scripting language, accounting for more than 80% of existing websites. PHP is dynamically typed, which means that variables take on the type of the objects that they are assigned, and may change type as execution proceeds. While some type changes are likely not harmful, others involving function calls and global variables may be more difficult to understand and the source of many bugs. Hack, a new PHP variant endorsed by Facebook, attempts to address this problem by adding static typing to PHP variables, which limits them to a single consistent type throughout execution. This paper defines an empirical taxonomy of PHP type changes along three dimensions: the complexity or burden imposed to understand the type change; whether or not the change is potentially harmful; and the actual types changed. We apply static and dynamic analyses to three widely used WEB applications coded in PHP (WordPress, Drupal and phpBB) to investigate (1) to what extent developers really use dynamic typing, (2) what kinds of type changes are actually encountered; and (3) how difficult it might be to refactor the code to avoid type changes, and thus meet the constraints of Hacks static typing. We report evidence that dynamic typing is actually a relatively uncommon practice in production PHP programs, and that most dynamic type changes are simple representational changes, such as between strings and integers. We observe that most PHP type changes in these programs are relatively simple, and that the largest proportion of them are easy to refactor to consistent static typing using simple local renaming transformations. Overall, the paper casts doubt on the usefulness of dynamic typing in PHP, and indicates that for many production applications, conversion to Hacks static typing may not be very difficult.

Detecting Function Constructors in JavaScript

Prior to the recent updates of the JavaScript language specifications, developers had to use custom solutions to emulate constructs such as classes, modules, and namespaces in JavaScript programs. This paper introduces JSDEODORANT, an automatic approach for detecting function constructors declared locally, under a namespace, or even in other modules. The comparison with the state-of-the-art tool, JSClassFinder, shows that while the precision of the tools is very similar (97% and 98%), the recall of JSDEODORANT (98%) is much higher than JSClassFinder (61%).

Overcoming comprehension barriers in the AspectJ programming language

It has now been over a decade since the introduction of Aspect-Oriented Programming (AOP). As the AspectJ programming language (being one of the notable technologies of AOP) gains acceptance in industry and academia, its comprehensibility property is an important factor in determining an eventual wide acceptance by practitioners in development and maintenance as well as by educators who aim at introducing AOP into their curricula. Our objective is to improve program comprehension by identifying and addressing potential pitfalls in code which tend to make comprehension not intuitive. In those subtle places, we observe the behavior of the program to see the degree to which it matches the expected results. In cases where a conflict occurs, we provide a reasoning to point out where it would originate from, and a resolution to the conflict where applicable.

Accurate and efficient refactoring detection in commit history

Refactoring detection algorithms have been crucial to a variety of applications: (i) empirical studies about the evolution of code, tests, and faults, (ii) tools for library API migration, (iii) improving the comprehension of changes and code reviews, etc. However, recent research has questioned the accuracy of the state-of-the-art refactoring detection tools, which poses threats to the reliability of their application. Moreover, previous refactoring detection tools are very sensitive to user-provided similarity thresholds, which further reduces their practical accuracy. In addition, their requirement to build the project versions/revisions under analysis makes them inapplicable in many real-world scenarios. To reinvigorate a previously fruitful line of research that has stifled, we designed, implemented, and evaluated RMiner, a technique that overcomes the above limitations. At the heart of RMiner is an AST-based statement matching algorithm that determines refactoring candidates without requiring user-defined thresholds. To empirically evaluate RMiner, we created the most comprehensive oracle to date that uses triangulation to create a dataset with considerably reduced bias, representing 3,188 refactorings from 185 open-source projects. Using this oracle, we found that RMiner has a precision of 98% and recall of 87%, which is a significant improvement over the previous state-of-the-art.

Comprehension and dependency analysis of aspect-oriented programs through declarative reasoning

In this paper we discuss an approach to support declarative reasoning over aspect-oriented (AO) programs, adopting AspectJ as a representative technology. The approach is based on the transformation of source code into a set of facts and rules, stored into a Prolog database. Declarative analysis allows us to extract complex information through its rich and expressive syntax. Our approach has two contributions. First, it aims to improve the comprehension of AspectJ programs. The type of knowledge provided is categorized in three main groups: i) general knowledge, ii) bad smells, and iii) quality metrics. The second contribution is the provision of dependency analysis of AspectJ programs. To that end, we identify dependencies in aspect-oriented programs, and translate them into Prolog rules. Expected beneficiaries of our approach include system maintainers who can obtain comprehension and perform dependency analysis through querying the Prolog database during the change planning stage of system evolution.

JSDeodorant: class-awareness for JavaScript programs

Until the recent updates to JavaScript specifications, adding syntactical support for class and namespace declaration, developers used custom solutions to emulate modulardecomposition (e.g., classes and namespaces) and other object-oriented constructs, such as interfaces, and inheritance relationships. However, the lack of standards for severalyears led to a large variation and diversity of custom solutions for emulating object-oriented constructs, making maintenance and comprehension activities rather difficult in JavaScript projects developed based on the previous languagespecifications. In this paper, we present JSDEODORANT, an Eclipse plug-in that enables class-aware maintenance and comprehension for JavaScript programs. (https://youtu.be/k4U2LwkL6JU).