Study on OSS maven library incompatiblities and vunerabilities: google-guava

[raux]

Dear Github OSS Developer,

My name is Raula Kula, a research assistant prof at Osaka University, Japan. Currently I am studying the maintenance of Maven Libraries. I am currently focused on OSS incompatibilites, release management and the varying reasons for library migration.

As a part of my study I particularity focused on the google guava library. https://github.com/google/guava. Particuarly I am interested in the migration to guava library version 18.0.

We noticed that your project on Github is still configured to depend on a previous incompatible version of fileupload at https://github.com/graphaware/neo4j-framework/blob/master/parent-pom/module/pom.xml

We understand that there are many reasons for not migrating, thus we be appreciate if you could simply detail the following:

1. Were you aware of this new library and what features it could add to your project?
2. What are some factors that influence you not to update?
3. What would be a key factor that would inspire you to migrate to the next release?

Also feel free to detail any other information to help us understand your decision. Again, thank you for taking your time off your busy schedule and hope to hear from you soon.

Sincerely, Raula

[bachmanm]

1. No, but you made me aware, so we just upgraded
2. Unawareness
3. Not using out-of-date libs, provided our tests still pass after the upgrade