Paulo Meirelles

A Study of the Relationships between Source Code Metrics and Attractiveness in Free Software Projects

A significant number of Free Software projects has been widely used and considered successful. However, there is an even larger number of them that cannot overcome the initial step towards building an active community of users and developers. In this study, we investigated whether there are relationships between source code metrics and attractiveness, i.e., the ability of a project to attract users and developers. To verify these relationships, we analyzed 6,773 Free Software projects from the SourceForge.net repository. The results indicated that attractiveness is indeed correlated to some source code metrics. This suggests that measurable attributes of the project source code somehow affect the decision to contribute and adopt a Free Software project. The findings described in this study show that it is relevant for project leaders to monitor source code quality, most specifically a few objective metrics, since these can have a positive influence in their chances of forming a community of contributors and users around the software, enabling further enhancement in its quality.

Free and Open Source Software Development and Research: Opportunities for Software Engineering

Free/Libre/Open Source Software (FLOSS) communities have produced a large amount of valuable software that is directly or indirectly used daily by any person with access to a computer. The field of Software Engineering studies processes, mechanisms, tools, and frameworks for the development of software artifacts. Historically, however, most of Software Engineering research and education does not benefit from the large and rich source of data and experimental testbeds offered by FLOSS projects and their hundreds of millions of lines of working code. In this paper, we discuss how Software Engineering research and education can greatly benefit from the wealth of information available in the FLOSS ecosystem. We then evaluate how FLOSS has been used, up to now, by papers published in the Brazilian Symposium on Software Engineering. Finally, we present an agenda for the future, proposing concrete ways to exploit the synergies between research and education in Software Engineering and FLOSS projects.

Brazilian Public Software Portal: an integrated platform for collaborative development

The Brazilian Public Software (SPB) is a program promoted by the Brazilian Federal Government to foster sharing and collaboration on Free/Libre/Open Source Software (FLOSS) solutions for the public administration. In this context, a public software is considered a public good and the Federal Government assumes some responsibilities related to its use. Once its devolpment principles is the same of the FLOSS projects, we have designed the SPB Portal, a platform based on the integration and evolution of existing FLOSS tools. It provides several modern features for software collaborative development, helping the Brazilian public administration in sharing its solutions. In this paper, we present this integrated software development platform that was developed for the SPB program by a heterogeneous team composed by professors, master students and undergraduate students, as well as by professionals from FLOSS communities. The development of this platform used several FLOSS projects, providing a non-trivial integration among them. This effort has also produced several new features that were contributed back to these projects. Alongside the architectural challenges, we also discuss in this paper our work process, based on agile and free software development practices, and the lessons learned during 30 months of work on the SPB project.

A Metrics Suite for code annotation assessment

Abstract Code annotation is a language feature that enables the introduction of custom metadata on programming elements. In Java, this feature was introduced on version 5, and today it is widely used by main enterprise application frameworks and APIs. Although this language feature potentially simplifies metadata configuration, its abuse and misuse can reduce source code readability and complicate its maintenance. The goal of this paper is to propose software metrics regarding annotations in the source code and analyze their distribution in real-world projects. We have defined a suite of metrics to assess characteristics of the usage of source code annotations in a code base. Our study collected data from 24947 classes extracted from open source projects to analyze the distribution of the proposed metrics. We developed a tool to automatically extract the metrics and provide a full report on annotations usage. Based on the analysis of the distribution, we defined an appropriate approach for the calculation of thresholds to interpret the metric values. The results allow the assessment of annotated code characteristics. Using the thresholds values, we proposed a way to interpret the use of annotations, which can reveal potential problems in the source code.

Continuous Delivery: Building Trust in a Large-Scale, Complex Government Organization

For many software development teams, the first aspects that come to mind regarding continuous delivery (CD) are the operational challenges and competitive benefits. In the authors’ experience, CD was much more: it was a survival technique. This article presents how and why they applied CD in a large governmental project for the development of a collaborative development environment. They share the challenges they faced and the strategies they used to overcome them. The article concludes with a set of lessons learned that can be valuable for readers in a variety of situations. This article is part of a special issue on release engineering.

Implementing Federated Social Networking: Report from the Trenches

The federation of social networks aims at integrating users by means of a decentralized structure, enabling the interoperability among multiple social networks in a transparent way. Despite a few isolated initiatives in federating open social networks, there is no adoption of any standard, which hinders the emergence of new, effective federated systems. To understand the difficulties in the development and standardization of federated services, we have conducted research on existing specifications and implementations of interoperability among social networks. We have developed a federation proof of concept within the Noosfero platform, implementing a subset of the Diaspora protocol to federate users and public content, in addition to complementary specifications, such as Salmon and WebFinger. In this work, we introduce our results to federate Noosfero with Diaspora networks, pointing the required steps before further development. We aim to implement the Diaspora protocol within Noosfero, finishing its specification and improving its documentation, encouraging more projects to adopt this protocol.

Using PageRank to Reveal Relevant Issues to Support Decision-Making on Open Source Projects

Software release planning is crucial to software projects that adopt incremental development. Open source projects depend on their globally distributed maintainers’ communities who share project information, usually described in the software project repository as issues, to plan the contents and timing of the next releases. This paper introduces an approach based on software issues to support decision-making regarding open source software development activities such as release planning and retrospectives. It uses the PageRank algorithm to suggest an importance ranking of the software issues based on the issues dependencies topology. When based on a highly connected topology, project leaders can use this rank as an input to planning activities. The observation of two open source projects indicates the feasibility of our approach.

Ranking Source Code Static Analysis Warnings for Continuous Monitoring of FLOSS Repositories

Performing source code static analysis during the software development cycle is a difficult task. There are different static analyzers available, and each of them usually works better in a small subset of problems, making it hard to choose a single tool. Combining the analysis of different tools solves this problem, but brings about other problems, namely the generated false positives and a large amount of unsorted alarms. This paper presents kiskadee, a system to support the usage of static analysis during software development by providing carefully ranked static analysis reports. First, it runs multiple static analyzers on the source code. Then, using a classification model, the potential bugs detected by the static analyzers are ranked based on their importance, with critical flaws ranked first, and potential false positives ranked last. Our experimental results show that, on average, when inspecting warnings ranked by kiskadee, one hits 5.2 times less false positives before each bug than when using a randomly sorted warning list.

FLOSS Project Management in Government-Academia Collaboration.

Government and academia can collaborate on bringing innovation and filling design-reality gaps in e-government projects. However, differences in project management methods employed by the organizations is often a challenge for collaborative works. Bearing that in mind, we investigated a 30-month government-academia partnership to find appropriate ways to get around this obstacle. From the analysis of post-mortem data, we present a set of best practices based on FLOSS and agile software development approaches that favors team management in government-academia collaborations in e-government development projects.

A study on low complexity models to predict flaws in the Linux source code

Due to the constant evolution of technology, each day brings new programming languages, development paradigms, and ways of evaluating processes. This is no different with source code metrics, where there is always new metric classes. To use a software metric to support decisions, it is necessary to understand how to perform the metric collection, calculation, interpretation, and analysis. The tasks of collecting and calculating source code metrics are most often automated, but how should we monitor them during the software development cycle? Our research aims to assist the software engineer to monitor metrics of vulnerability threats present in the source code through a reference prediction model, considering that real world software have non-functional security requirements, which implies the need to know how to monitor these requirements during the software development cycle. As a first result, this paper presents an empirical study on the evolution of the Linux project. Based on static analysis data, we propose low complexity models to study flaws in the Linux source code. About 391 versions of the project were analyzed by mining the official Linux repository using an approach that can be reproduced to perform similar studies. Our results show that it is possible to predict the number of warnings triggered by a static analyzer for a given software project revision as long as the software is continuously monitored.