jaredbeck / libyear-bundler

A simple measure of dependency freshness
GNU Lesser General Public License v3.0

Average as well as total? #19

Closed david-a-wheeler closed 3 months ago

david-a-wheeler commented 3 years ago

Can the average as well as total be reported (with "current" dependencies averaged as 0)?

Currently this calculation considers "I have 20 dependencies out of 100 that are one year out of date" with "I have two dependencies, each 10 years out of date". I'd worry more about the latter.

I realize averages aren't in the cited paper, but it's an obvious extension.

jaredbeck commented 3 years ago

> Can the average as well as total be reported (with "current" dependencies averaged as 0)? Currently this calculation considers "I have 20 dependencies out of 100 that are one year out of date" with "I have two dependencies [out of 100] each 10 years out of date". I'd worry more about the latter.

Hi David, I agree. In my experience the latter is more dangerous.

How would the average be calculated? In the example, both systems have a per-dependency average of 0.2 libyears, right? Or, would "current" dependencies be omitted from the calculation?

As a side note, I think some people have been using the --versions option to identify this kind of outlier. Of course, it is only useful for dependencies that follow SemVer.

PS: I'd be curious to hear how you're using metrics like this at the Linux Foundation!

david-a-wheeler commented 3 years ago

Whups, you're right about the example. I meant to have the latter be "out of 10" instead of "out of 100".

Average is just libyears/(# dependencies). So both of the examples I wrote would have 0.2 libyears, while my intended example "I have two dependencies [out of 10] each 10 years out of date" would have an average libyears of 2.

My intended point, poorly expressed, is that the average is a better way to compare between projects. Projects with more dependencies will practically always have more libyears, no matter what; I think the average is a better indicator of application maintenance.

jaredbeck commented 3 years ago

> .. my intended example "I have two dependencies [out of 10] each 10 years out of date" would have an average libyears of 2.

Would you put the message at the bottom, next to the total?

- System is 20 libyears behind
+ System is 20 libyears (average 2) behind
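
Review bot: on the "+" line, "(average 2)" carries no unit or denominator, so a reader cannot tell that it means libyears per dependency or whether current dependencies are counted in the divisor. Consider wording such as "System is 20 libyears behind (average 2.0 per dependency)", which also keeps "behind" next to the total.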

I think I'd prefer a flag for this, e.g. --average, my theory being that a single number, as the default, is less intimidating and will thus drive adoption. What do you think, @shanecav84 ?

shanecav84 commented 3 years ago

An average metric sounds good to me. In the interest of having a single number as output, I think an --average flag for all the metrics would be suitable:

libyear-bundler --libyears --average # Average libyears
libyear-bundler --releases --average # Average number of out-of-date releases
libyear-bundler --versions --average # Average major, minor, patch versions out-of-date

replaid commented 3 years ago

Other approaches that could be considered to get a useful "single number" for this type of analysis:

Median (50 percentile)?
Other percentile?
Report the percentile younger/older than a specified threshold?
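
The three systems discussed in this thread, run through the total, the average, and the alternatives suggested above (median, a high percentile, a count over an age threshold). This is an added example, not libyear-bundler code; the function names, the nearest-rank percentile method and the 5-year threshold are assumptions.

```ruby
# Added example: summary statistics over per-dependency libyear ages.
# Not libyear-bundler code; all names here are hypothetical.

# Nearest-rank percentile of an already sorted array (pct is an integer 1..100).
def percentile(sorted, pct)
  return 0.0 if sorted.empty?
  rank = (pct * sorted.size / 100.0).ceil
  sorted[[rank, 1].max - 1]
end

# ages: libyears behind for every dependency, with current ones as 0.0.
def freshness_summary(ages, threshold: 5.0)
  sorted = ages.sort
  total = sorted.sum
  n = sorted.size
  {
    total: total,
    average: n.zero? ? 0.0 : total / n,
    median: percentile(sorted, 50),
    p99: percentile(sorted, 99),
    max: sorted.last || 0.0,
    over_threshold: sorted.count { |a| a > threshold }
  }
end

# Constructed inputs matching the three systems described in the thread.
SYSTEMS = {
  "20 of 100, 1 year each"  => [1.0] * 20 + [0.0] * 80,
  "2 of 100, 10 years each" => [10.0] * 2 + [0.0] * 98,
  "2 of 10, 10 years each"  => [10.0] * 2 + [0.0] * 8
}.freeze

# One formatted line per system, for side-by-side comparison.
def report
  SYSTEMS.map do |name, ages|
    s = freshness_summary(ages)
    format("%-24s total=%.1f avg=%.2f median=%.1f p99=%.1f max=%.1f over_5y=%d",
           name, s[:total], s[:average], s[:median], s[:p99], s[:max],
           s[:over_threshold])
  end
end

puts report if __FILE__ == $PROGRAM_NAME
```

The median is 0 for all three inputs because most dependencies are current, and total and average are identical for the first two; only the tail measures (p99, max, count over the threshold) separate them.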

github-actions[bot] commented 3 months ago

This issue has been automatically marked as stale due to inactivity. The resources of our volunteers are limited. Bug reports must provide a script that reproduces the bug, using our template. Feature suggestions must include a promise to build the feature yourself. Thank you for all your contributions.