Professional Documents
Culture Documents
Group Members: ID No
The Dependency Analyzer app is an interactive tool for visualizing and analyzing
dependencies among files.
Every design, whether it is a folder, a Simulink ® model, or a project, requires a set of files
and products to run successfully. Dependencies include data files, model references,
linked libraries, MATLAB® and C/C++ code, Stateflow® charts, and requirements
documents.
The dependency paradigm gained prominence in the late 1950s and 1960s as a critique of
modernization theory, with scholars trying to understand why development occurred so
slowly in the developing world even when following the same capitalist models of
development as developed countries. Although originating in structuralism, Marxism is
usually viewed as the dominant tradition from which dependency arose (Love, 1990).
Building on traditional Marxist ideas of class inequality being caused by capitalism,
dependency theorists took a political economy approach to explore the reasons for
inequalities between nations (Lacher & Nepal, 2010
Software dependencies are external libraries, frameworks, and other components that a
piece of software relies on in order to function properly. These dependencies may be
included in the software directly, or they may be installed separately. Examples of
software dependencies include libraries for handling data, user interface frameworks
(such as React or Next.js), and utilities for working with databases.
There are several reasons why we add internal or external dependencies to our
applications, the most compelling ones are:
1. Speed up development
2. Increase functionality
3. Fulfill organization’s requirements and specifications
Speeding up development: Reusing existing code components for common tasks, such
as interfacing with I/O devices or networking, accelerates development. Leveraging well-
tested libraries, components, or frameworks saves time and resources by avoiding the
need to reinvent functionality from scratch.
Stability Maintenance: Dependency awareness helps anticipate and mitigate issues from
changes in external components, ensuring software stability.
There are several steps that developers can take to maintain software dependencies
effectively. Some of these steps include:
Identify dependencies: The first step in maintaining dependencies is to identify all of the
dependencies that are used by the software. This can be done by examining the code and
the build system, and by using tools such as dependency management libraries and
package managers. By identifying dependencies, developers can ensure that they are
aware of all of the dependencies that are used by the software. Codiga helps you by
scanning and identifying all dependencies of your project.
Use a package manager: Package managers are tools that are used to manage the
installation and removal of software packages. Most package managers include features
for managing dependencies, including installing and updating them. By using a package
manager, developers can ensure that dependencies are installed and managed
consistently, and they can avoid conflicts and other problems. For example, when using
npm, you can automatically update your dependencies.
MATLAB toolstrip: On the Apps tab, under MATLAB, click the Dependency
Analyzer icon .For instructions on how to run a dependency analysis on a folder or a file.
Project toolstrip: On the Project tab, click the down arrow to expand the Tools gallery.
Under Apps, click Dependency Analyzer. Perform a project dependency analysis to
explore the dependency graph using source control and project-specific views. For more
details for projects that contain models, Dependency Analyzer provides model-specific
views Simulink Editor: On the Modeling tab, on the far right of the Design section, click
the arrow. Under Dependencies, click Dependency Analyzer. Perform a dependency
analysis to examine models, subsystems, and libraries referenced directly or indirectly by
the model using model-specific views.
There’s no limit in the size of the dependencies. A dependency can be thousands of lines
of code, like a full-fledged framework, or it can be a one liner. There is a whole range of
different types of software dependencies.
Resources – Collections of files, for example templates, media (audio, video or images),
plain text files or blobs that need to be included by applications to execute correctly.
Package – A collection of modules that hold in general the same functional purpose.
Usually a directory that contains a file that describes metadata about the package.
Frameworks – A framework embodies some abstract design, with more behavior built
in. In order to use it you need to insert your behavior into various places in the
framework. The framework’s code then calls your code at these points.
Identification:- Identify direct and indirect dependencies using tools like static code
analysis or manual inspection.
Management: - Implement strategies like version pinning and regular updates using
dependency management tools.
Documentation: - Document dependencies to maintain transparency and inform
stakeholders of project dependencies.
jdeps: - jdeps is a tool provided by Oracle as part of the Java Development Kit (JDK). It's
used for analyzing the dependencies of Java byte code. jdeps helps developers understand
the dependencies of their Java applications and libraries, aiding in managing
dependencies and ensuring compatibility when updating Java versions.
Apache Maven:- Widely used for Java projects. Manages dependencies using XML-
based configuration (pom.xml). Automatically resolves transitive dependencies from
remote repositories.
Gradle:- Supports multiple languages like Java, Kotlin, and Groovy. Uses DSL
(Domain-Specific Language) or Kotlin for build scripts. Offers flexibility and
extensibility in dependency management and automation.
npm:- Default package manager for Node.js and JavaScript. Manages dependencies
declared in package.json. Widely used for frontend and backend JavaScript development.
pip:- Package installer for Python. Installs and manages Python packages from PyPI.
Hybrid Analysis: Combining static and dynamic analysis to leverage their strengths:
using static for early detection and dynamic for validating and refining results.
Risk Mitigation: Minimizes system failures, data breaches, and legal liabilities.
Time Series Analysis: Visualizations tracking changes in dependencies over time, aiding
in trend analysis and forecasting and Code Maps.
False Positives: May flag non-issues, leading to unnecessary investigations and changes.
False Negatives: Can miss genuine issues, leaving software vulnerable to hidden risks.
Limited Language Support: Some analyzers may support only specific languages,
hindering multi-language projects.
Difficulty with Dynamic Dependencies: Static analysis focus may struggle with
dynamically generated dependencies.
Complexity with Large Codebases: Challenges arise with analyzing large or complex
codebases, leading to performance issues.
False Positives/Negatives: Risk of false alarms or missed issues can result in wasted
time or overlooked problems.
Limited Scope: Some analyzers may overlook transitive dependencies or third-party
library dependencies.
Difficulty with Legacy Systems: Accuracy may suffer with outdated or poorly
documented dependencies , Tool Complexity Limited Integration and Challenges in
integrating with existing workflows or toolchains may arise.
Jdeps dependency analyzer for java project named Water and Electric reception and
related calculator
jdeps –summary<the jar file> output of the file summary (summary dot source file)
jdeps –summary<the jar file> output of the file summary ( <jar file> dot source file)
jdeps –vrbose:package <jar file> or jdeps –<jar file>
.class
-recursive or -R
-dotoutput
-profile
Reference:
https://www.mathworks.com/help/simulink/ug/scope-and-limitations.html
https://www.researchgate.net/publication/232028782The_Origins_of_Dependency_Analysis
https://www.codiga.io/blog/maintain-software-dependencies/
https://jfrog.com/blog/a-journey-of-a-thousand-binaries/