ABSTRACT
Package management as a means of reuse of software artifacts has become extremely popular, most notably in Linux distributions. At the same time, successful package management brings about a number of computational challenges. Whenever a user requires a new package to be installed, a package manager not only installs the new package but it might also install other packages or uninstall some old ones in order to respect dependencies and conflicts of the packages. Coming up with a new configuration of packages is computationally challenging. It is in particular complex when we also wish to optimize for user preferences, such as that the resulting package configuration should not differ too much from the original one. A number of exact approaches for solving this problem have been proposed in recent years. These approaches, however, do not have guaranteed runtime due to the high computational complexity of the problem. This paper addresses this issue by devising a hybrid approach that integrates exact solving with approximate solving by invoking the approximate part whenever the solver is running out of time. Experimental evaluation shows that this approach enables returning high-quality package configurations with rapid response time.
- R. Di Cosmo, B. Durak, X. Leroy, F. Mancinelli, and J. Vouillon, “Maintaining large software distributions: New challenges from the FOSS era,” in Proceedings of the FRCSS ’06 workshop, ser. EASST Newsletter, vol. 12. Vienna, Autriche: EASST, 2006, pp. 7–20.Google Scholar
- C. Tucker, D. Shuffelton, R. Jhala, and S. Lerner, “OPIUM: Optimal package install/uninstall manager,” in 29th International Conference on Software Engineering, ICSE, 2007, pp. 178–188. Google ScholarDigital Library
- F. Mancinelli, J. Boender, R. Di Cosmo, J. Vouillon, B. Durak, X. Leroy, and R. Treinen, “Managing the complexity of large free and open source package-based software distributions,” in ASE. IEEE Computer Society, 2006, pp. 199–208. Google ScholarDigital Library
- D. Le Berre and P. Rapicault, “Dependency management for the Eclipse ecosystem: Eclipse p2, metadata and resolution,” in Proceedings of the 1st international workshop on Open component ecosystems, ser. IWOCE ’09. New York, NY, USA: ACM, 2009, pp. 21–30. {Online}. Available: http://doi.acm.org/10.1145/1595800.1595805 Google ScholarDigital Library
- M. Gebser, R. Kaminski, and T. Schaub, “aspcud: A Linux package configuration tool based on answer set programming,” in LoCoCo, ser. EPTCS, C. Drescher, I. Lynce, and R. Treinen, Eds., vol. 65, 2011, pp. 12–25.Google Scholar
- “Eclipse project,” http://www.eclipse.org/.Google Scholar
- C. Hoover, “A methodology for determining response time baselines,” in Int. CMG Conference. Computer Measurement Group, 2006, pp. 85–94.Google Scholar
- K. C. Kang, S. G. Cohen, J. A. Hess, W. E. Novak, and A. S. Peterson, “Feature-oriented domain analysis (FODA) feasibility study,” Carnegie Mellon University, Nov., Tech. Rep. CMU/SEI-90-TR-021, 1990.Google Scholar
- E. C. Bailey, “Maximum RPM: Taking the Red Hat package manager to the limit,” http://www.rpm.org/max-rpm.Google Scholar
- J. R. O. Aoki, “Debian new maintainers’ guide,” http: //www.debian.org/doc/devel-manuals#maint-guide.Google Scholar
- R. Treinen and S. Zacchiroli, “Common upgradeability description format (CUDF) 2.0,” MANCOOSI, Tech. Rep. 003, Nov. 2009, http://www.mancoosi.org/reports/tr3.pdf.Google Scholar
- “Mancoosi international solver competition,” http://www.mancoosi.org/misc.Google Scholar
- “Mancoosi software,” http://www.mancoosi.org/software.Google Scholar
- C. M. Li and F. Manyà, “MaxSAT, hard and soft constraints,” in Handbook of Satisfiability, ser. Frontiers in Artificial Intelligence and Applications, A. Biere, M. Heule, H. van Maaren, and T. Walsh, Eds. IOS Press, 2009, vol. 185, pp. 613–631.Google Scholar
- M. Janota, I. Lynce, V. M. Manquinho, and J. Marques-Silva, “PackUp: Tools for package upgradability solving,” JSAT, vol. 8, no. 1/2, pp. 89–94, 2012.Google Scholar
- M. Ehrgott, Multicriteria Optimization (2. ed.). Springer, 2005. Google ScholarDigital Library
- J. Marques-Silva, J. Argelich, A. Gra¸ ca, and I. Lynce, “Boolean lexicographic optimization: algorithms & applications,”” Ann. Math. Artif. Intell., vol. 62, no. 3-4, pp. 317–343, 2011. Google ScholarDigital Library
- P. Trezentos, I. Lynce, and A. L. Oliveira, “Apt-pbo: solving the software dependency problem using pseudo-boolean optimization,” in ASE, C. Pecheur, J. Andrews, and E. D. Nitto, Eds. ACM, 2010, pp. 427–436. Google ScholarDigital Library
- M. Gebser, R. Kaminski, B. Kaufmann, and T. Schaub, “Multi-criteria optimization in answer set programming,” in ICLP (Technical Communications), ser. LIPIcs, J. P. Gallagher and M. Gelfond, Eds., vol. 11. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2011, pp. 1–10.Google Scholar
- J. Argelich, D. Le Berre, I. Lynce, J. Marques-Silva, and P. Rapicault, “Solving linux upgradeability problems using Boolean optimization,” in LoCoCo, ser. EPTCS, I. Lynce and R. Treinen, Eds., vol. 29, 2010, pp. 11–22.Google Scholar
- K. Smyth, H. H. Hoos, and T. Stützle, “Iterated robust tabu search for MAX-SAT,” in Canadian Conference on AI, ser. Lecture Notes in Computer Science, Y. Xiang and B. Chaib-draa, Eds., vol. 2671. Springer, 2003, pp. 129–144. Google ScholarDigital Library
- M. H. Liffiton and K. A. Sakallah, “Algorithms for computing minimal unsatisfiable subsets of constraints,” J. Autom. Reasoning, vol. 40, no. 1, pp. 1–33, 2008. Google ScholarDigital Library
- J. Marques-Silva, F. Heras, M. Janota, A. Previti, and A. Belov, “On computing minimal correction subsets,” in IJCAI, F. Rossi, Ed. IJCAI/AAAI, 2013. Google ScholarDigital Library
- “Package upgradability problem solver,” http://sat.inesc-id.pt/˜mikolas/sw/packup/.Google Scholar
- N. Eén and N. Sörensson, “An Extensible SAT-solver,” in Theory and Applications of Satisfiability Testing, 2003, pp. 502–518.Google Scholar
- J. Vouillon and R. Di Cosmo, “Broken sets in software repository evolution,” in ICSE, D. Notkin, B. H. C. Cheng, and K. Pohl, Eds. IEEE / ACM, 2013, pp. 412–421. Google ScholarDigital Library
- S. Bouveret and M. Lemaˆıtre, “Computing leximin-optimal solutions in constraint networks,” Artif. Intell., vol. 173, no. 2, pp. 343–364, 2009. Google ScholarDigital Library
- M. Gebser, R. Kaminski, and T. Schaub, “aspcud: A Linux package configuration tool based on answer set programming,” in Proceedings of the Second International Workshop on Logics for Component Configuration (LoCoCo’11), ser. Electronic Proceedings in Theoretical Computer Science (EPTCS), C. Drescher, I. Lynce, and R. Treinen, Eds., vol. 65, 2011, pp. 12–25.Google ScholarCross Ref
- “Apt – Debian Wiki,” https://wiki.debian.org/Apt, accessed: 2014-02-27.Google Scholar
- “Portal:Libzypp – openSUSE,” http://en.opensuse.org/Portal:Libzypp, accessed: 2014-02-27.Google Scholar
Index Terms
- Towards efficient optimization in package management systems
Recommendations
Taxonomy of Package Management in Programming Languages and Operating Systems
PLOS '19: Proceedings of the 10th Workshop on Programming Languages and Operating SystemsPackage management is instrumental for programming languages and operating systems, and yet it is neglected by both areas as an implementation detail. For this reason, it lacks the same kind of conceptual organization: we lack terminology to classify ...
Containing Malicious Package Updates in npm with a Lightweight Permission System
ICSE '21: Proceedings of the 43rd International Conference on Software EngineeringThe large amount of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by pushing malicious updates to their package dependencies. Studying the npm repository, we observed ...
Comments