By helping you find and keep your dependencies up to date, you can focus on your code, and we will take care of the rest.

The main goal of modern software development is deploying new features fast while keeping reliability and security risks at bay. While recent advances in AI-supported software development, such as Github’s Co-pilot, are getting a lot of attention, they only address part of the problem. Instead of writing new code, developers opt for incorporating external libraries into their applications, allowing them to tap into years of accumulated effort. On the other hand, by doing so, they become dependent on projects they have less control over. As the network of direct and transitive dependencies grows, dependency upkeep, version synchronization, security, and reliability risks and efforts add up.

In our first project in this research vector, UPGRADVISOR (http://upgradvisor.github.io/ ), we focused on dissecting dependency updates to gauge the effort required to adapt them. Next, we plan on applying novel DNN-trained models to assist with studying updates and fixing application code to support dependency updates.

If you care about software security and reliability and want to be a part of cutting-edge ML-assisted software development research, consider applying for this project.

This is an UNPAID research project.

Faculty Advisor

  • Professor: Junfeng Yang
  • Center/Lab: Department of Computer Science
  • Location: Mudd building
  • Our research goal is building tools to better protect, verify, analyze, test, and debug software.

Project Timeline

  • Earliest starting date: 10/15/2022
  • End date: 1/9/2023
  • Number of hours per week of research expected during Fall 2022: ~10

Candidate requirements

  • Skill sets: We’re looking for motivated students with strong programming and analytical skills to participate in research projects
  • Student eligibility: freshman, sophomore, junior, senior, master’s
  • International students on F1 or J1 visa: eligible
  • Academic Credit Possible: Yes