A Longitudinal Analysis of Bloated Java Dependencies

TL;DR

This study analyzes the evolution of bloated Java dependencies in Maven projects, revealing their persistent presence, potential for removal, and the maintenance efforts they induce over time.

Contribution

It provides the first large-scale longitudinal analysis of bloated dependencies in Java/Maven, highlighting their growth, persistence, and impact on maintenance.

Findings

89.02% of bloated dependencies remain bloated across versions

22% of dependency updates target bloated dependencies

Dependabot recommends updates on bloated dependencies at a similar rate

Abstract

We study the evolution and impact of bloated dependencies in a single software ecosystem: Java/Maven. Bloated dependencies are third-party libraries that are packaged in the application binary but are not needed to run the application. We analyze the history of 435 Java projects. This historical data includes 48,469 distinct dependencies, which we study across a total of 31,515 versions of Maven dependency trees. Bloated dependencies steadily increase over time, and 89.02% of the direct dependencies that are bloated remain bloated in all subsequent versions of the studied projects. This empirical evidence suggests that developers can safely remove a bloated dependency. We further report novel insights regarding the unnecessary maintenance efforts induced by bloat. We find that 22% of dependency updates performed by developers are made on bloated dependencies and that Dependabot suggests a similar ratio of updates on bloated dependencies.