Toward Better Dependency Management in Python Projects
Guardado en:
| Publicado en: | ProQuest Dissertations and Theses (2025) |
|---|---|
| Autor principal: | |
| Publicado: |
ProQuest Dissertations & Theses
|
| Materias: | |
| Acceso en línea: | Citation/Abstract Full Text - PDF |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Resumen: | Modern software development heavily relies on third-party packages to accelerate progress, yet two critical challenges persist: managing dependency conflicts during package installation and addressing the frequent absence or incompleteness of configuration files in Python projects. These issues disrupt workflow efficiency, degrade system stability, and hinder reproducibility. This research aims to solve both problems by introducing two separate tools. First, we introduce SMTpip, a tool leveraging Satisfiability Modulo Theories (SMT) solvers to resolve third-party package dependency conflicts and Python version incompatibilities during package installation, ensuring a reproducible and conflict-free environment for Python projects. SMTpip constructs a comprehensive dependency knowledge graph by analyzing metadata from the Python Package Index (PyPI) and translates client project requirements—such as Python version constraints and library dependency constraints—into SMT expressions to find an optimal, conflict-free installation process. Evaluations using four different datasets from open-source software repositories show that SMTpip achieves significant speedups: 39× faster than pip, 37× faster than Conda, 3.2× faster than smartPip, and 4× faster than PyEGo. Additionally, SMTpip is able to determine when a set of dependency constraints is inconsistent, meaning that the constraints are mutually contradictory and there is no way of meeting them all simultaneously. Second, we introduce an automated approach to generating requirements.txt files for Python projects lacking dependency specifications. Our approach addresses the challenges of identifying packages and their compatible versions through code parsing. When tested on 3,081 notebooks, our proposed generator tool successfully generated requirements.txt files and enabled the execution of 1,230 notebooks, achieving a 39.92% success rate—nearly twice that of pipreqs (20.84%, or 642 notebooks). Failures were primarily due to non-dependency issues, highlighting challenges beyond dependency resolution. By ensuring consistent software environments and automating dependency specification, these tools enhance project reproducibility. The implementation of SMTpip and the generator tool are publicly available to facilitate reproducibility. |
|---|---|
| ISBN: | 9798315754534 |
| Fuente: | ProQuest Dissertations & Theses Global |