- Computer Science Laboratory

JAIME Damien

PhD Student at Sorbonne University (ATER, Université Paris Nanterre)
Team : MoVe
    Sorbonne Université - LIP6
    Boîte courrier 169
    Couloir 25-26, Étage 2, Bureau 203
    4 place Jussieu
    75252 PARIS CEDEX 05
    FRANCE

+33 1 44 27 87 71
Damien.Jaime (at) nulllip6.fr
https://lip6.fr/Damien.Jaime

Supervision : Pascal POIZAT
Co-supervision : EL HADDAD Joyce (Université Paris Dauphine / LAMSADE)

Analysis and evolution of dependencies in software ecosystems

The rise of free and open-source software fosters development by reusing software libraries that are available within ecosystems such as Java / Maven. This offers advantages, particularly in terms of development time.

However, this also raises maintenance issues, which are amplified by the dependencies between the libraries themselves. Beyond a project’s direct dependencies, it is crucial to analyze its entire software supply chain. In this thesis, achieved in collaboration with an industrial partner, the focus is put on analyzing the quality and maintenance of projects with reference to their supply chain seen through the prism of their direct and indirect software dependencies. From a broader perspective, the study concerns dependency ecosystems at a global scale.

The first contribution of this thesis is a systematic mapping study on software dependency quality metrics. This review reveals the richness of the existing metrics but also the need to provide efficient means for associating these metrics to project or ecosystem dependency graphs, which are often very large. To address this issue, a second contribution proposes tool-based approaches for mining ecosystem-scale dependency graphs, enriching them with dependency related quality metrics, and efficiently querying large dependency graphs.

Beyond measuring the quality of a project in terms of its dependencies, it is crucial to be able to react to issues such as library obsolescence or vulnerability presence.

To this end, a third contribution of this thesis concerns an approach, based on linear programming, for the generation of software dependency update plans that integrate user preferences in terms of quality, while minimizing incompatibilities. All the tools and datasets developed during this thesis are free and open source, and some of them were used as a basis for the “Mining Challenge” of a conference in the field.


Phd defence : 06/20/2025

Jury members :

Ben HERMANN, Technische Universität Dortmund [Rapporteur]
Tom MENS, Université de Mons [Rapporteur]
Julia LAWALL, INRIA Paris
Lina OCHOA VENEGAS, Eindhoven University of Technology
Olivier BARAIS, Université Rennes 1
Romain ROBBES, LaBRI
Pascal POIZAT, LIP6
Joyce EL HADDAD, LAMSADE

2022-2025 Publications