A Machine Learning Approach to Determine the Semantic Versioning Type of npm Packages Releases
Semantic versioning policy is widely used to indicate the level of changes in a package release. Unfortunately, there are many cases where developers do not respect the semantic versioning policy, leading to the breakage of dependent applications. To reduce such cases, we proposed using machine learning (ML) techniques to effectively predict the new release type, i.e., patch, minor, major, in order to properly determine the semantic versioning type. To perform our prediction, we mined and used a number of features about a release, such as the complexity of the changed code, change types, and development activities. We then used four ML classifiers. To evaluate the performance of the proposed ML classifiers, we conducted an empirical study on 31 JavaScript packages containing a total of approximately 6,260 releases. We started by extracting 41 release level features from historical data of packages' source code and repositories. Then, we used four machine learning classifiers, namely XGBoost, Random Forest, Decision Tree, and Logistic Regression. We found that the XGBoost classifiers performed the best, achieving median ROC AUC values of 0.78, 0.69, and 0.74 for major, minor, and patch releases, respectively. We also found that features related to the change types in a release are the best predictors group of features in determining the semantic versioning type. Finally, we studied the generalizability of determining the semantic versioning type by applying cross-package validation. Our results showed that the general classifier achieved median ROC AUC values of 0.76, 0.69, and 0.75 for major, minor, and patch releases.
READ FULL TEXT