Bibliographic Details
Main Authors: Saeidi, Mohammadreza, Thoma, Ethan, Kula, Raula Gaikovina, Rodríguez-Pérez, Gema
Format: Preprint
Published: 2025
Subjects: Software Engineering
Online Access: https://arxiv.org/abs/2511.04986
contents Background: Widespread use of third-party libraries makes ecosystems like Node Package Manager (npm) critical to modern software development. However, this interconnected chain of dependencies also creates challenges: bugs in one library can propagate downstream, potentially impacting many other libraries that rely on it. We hypothesize that maintainers may not always decide to fix a bug, especially if the maintainer decides it falls out of their responsibility within the chain of dependencies. Aims: To confirm this hypothesis, we investigate the responsiveness of 30,340 bug reports across 500 of the most depended-upon npm packages. Method: We adopt a mixed-method approach to mine repository issue data and perform qualitative open coding to analyze reasons behind unaddressed bug reports. Results: Our findings show that maintainers are generally responsive, with a median project-level responsiveness of 70% (IQR: 55%-89%), reflecting their commitment to support downstream developers. Conclusions: We present a taxonomy of the reasons some bugs remain unresolved. The taxonomy includes contribution practices, dependency constraints, and library-specific standards as reasons for not being responsive. Understanding maintainer behavior can inform practices that promote a more robust and responsive open-source ecosystem that benefits the entire community.
institution arXiv
title What About Our Bug? A Study on the Responsiveness of NPM Package Maintainers
topic Software Engineering