A Preliminary Study on Self-Contained Libraries in the NPM Ecosystem

TL;DR

This study analyzes self-contained libraries in the NPM ecosystem, revealing that nearly 40% are dependency-free, often due to dependency removal driven by performance and size concerns, highlighting trends in dependency management.

Contribution

It provides the first comprehensive analysis of self-contained libraries in NPM, identifying their characteristics, origins, and the main reasons for dependency removal.

Findings

39.49% of NPM libraries are self-contained

40.42% of self-contained libraries removed dependencies

Main reasons for removal are performance and size concerns

Abstract

The widespread of libraries within modern software ecosystems creates complex networks of dependencies. These dependencies are fragile to breakage, outdated, or redundancy, potentially leading to cascading issues in dependent libraries. One mitigation strategy involves reducing dependencies; libraries with zero dependencies become to self-contained. This paper explores the characteristics of self-contained libraries within the NPM ecosystem. Analyzing a dataset of 2763 NPM libraries, we found that 39.49\% are self-contained. Of these self-contained libraries, 40.42\% previously had dependencies that were later removed. This analysis revealed a significant trend of dependency reduction within the NPM ecosystem. The most frequently removed dependency was babel-runtime. Our investigation indicates that the primary reasons for dependency removal are concerns about the performance and the size of the dependency. Our findings illuminate the nature of self-contained libraries and their origins, offering valuable insights to guide software development practices.