Master's Thesis
Deep Dependency Analysis of Python Packages for Improved Software Reliability and Reproducibility
Research Area
Intelligent Information Management
Advisers
Dr. Sheeba Samuel
Description
Modern software systems rely heavily on third-party libraries, making dependency management a critical aspect of software reliability and security. In the Python ecosystem, package managers such as pip and repositories like PyPI enable easy integration of external libraries, but also introduce complex dependency chains that are often poorly understood. These dependencies may lead to issues such as version conflicts, hidden transitive dependencies, security vulnerabilities, and reproducibility challenges when environments change over time.

The objective of this thesis is to conduct a deep analysis of Python package dependencies, focusing on understanding dependency structures, identifying common issues, and improving transparency in the software supply chain. The research will involve mining package metadata, analyzing dependency graphs, and studying version constraints and compatibility patterns across a large set of Python projects. AI techniques and static analysis may be used to detect anomalies, predict potential conflicts, or infer missing dependency constraints.

The thesis can contribute by (1) developing methods to model and analyze complex dependency graphs, (2) identifying patterns of dependency-related issues such as conflicts or outdated packages, and (3) proposing approaches for improving dependency management practices. The outcome will be a prototype tool or framework that provides insights into dependency health, detects risks in dependency configurations, and supports developers in creating more stable, secure, and reproducible Python software systems.


