{"id":28863937,"url":"https://github.com/chains-project/lockfiles-comprehensive-study","last_synced_at":"2026-02-03T04:02:13.447Z","repository":{"id":275982056,"uuid":"927805094","full_name":"chains-project/lockfiles-comprehensive-study","owner":"chains-project","description":null,"archived":false,"fork":false,"pushed_at":"2025-05-07T18:50:24.000Z","size":21,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-07T19:44:56.578Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chains-project.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-05T15:17:42.000Z","updated_at":"2025-05-07T18:50:28.000Z","dependencies_parsed_at":"2025-02-05T16:44:01.988Z","dependency_job_id":"f4aa523a-eceb-4a56-b44c-d12b3332bd10","html_url":"https://github.com/chains-project/lockfiles-comprehensive-study","commit_stats":null,"previous_names":["yogyagamage/lockfiles","chains-project/lockfiles-comprehensive-study"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/chains-project/lockfiles-comprehensive-study","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chains-project%2Flockfiles-comprehensive-study","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chains-project%2Flockfiles-comprehensive-study/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chains-project%2Flockfiles-comprehensive-study/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chains-project%2Flockfiles-comprehensive-study/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chains-project","download_url":"https://codeload.github.com/chains-project/lockfiles-comprehensive-study/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chains-project%2Flockfiles-comprehensive-study/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260907295,"owners_count":23080618,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-20T08:13:41.537Z","updated_at":"2026-02-03T04:02:13.442Z","avatar_url":"https://github.com/chains-project.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Lockfiles Across Package Managers\n\nThis repository contains all the materials used and produced as part of our study \"The Design Space of Lockfiles Across Package Managers\".\n\n\n## data/\nThis folder contains quantitative data mined from GitHub repositories, related to lockfile usage across different package managers.\n\nEach JSON file corresponds to a specific package manager and includes the following information for each mined repository:\n\n- Repository URL\n- Approximate number of dependencies\n- Project creation date\n- Lockfile creation date\n- A boolean flag (gap) indicating whether the lockfile was committed within six months of project creation\n\n## scripts/\nThis folder contains the scripts used to mine the lockfiles from GitHub repositories. It has two sub-folders. \n\n - lockfile-miner : Mines GitHub repositories that satisfy the conditions specified in search-config.json and use one of the seven package managers (npm CLI, pnpm, Cargo, Go, Gradle, Pipenv, or Poetry). It also checks whether a corresponding lockfile exists in each repository.\n      - The default conditions are: \n        - 300 commits\n        - 10 contributors\n        - 42 stars\n        - 2019-09-30 as the last creation date\n - filters: Filters out projects that do not specify any dependencies in the dependency configuration file.\n    \nThe total number of collected projects and resulting projects after the filtering step is given below. \n\n|        | npm CLI | pnpm | Cargo | Go | Gradle | Pipenv | Poetry\n| -------- | ------- | ------- | ------- | ------- | ------- | ------- | ------- |\n| Total # of projects | 1922 | (1922) | 1089 | 1202 | 325 | 29 | 314 |\n| # of projects with at least one dependency | 1916 | (1916) | 1089 | 1188 | 323 | 29 | 314 |\n\n\n## developer_interviews/\n\nThis directory contains materials related to our qualitative interviews with developers:\n\n- interview_protocol.pdf: The semi-structered interview protocols used during the interviews.\n\n- invitation_email.pdf: The email templates used to invite participants.\n\n- codebook.xlsx: The codebook.\n\n## references/\n\nThis folder includes the supporting documentation and source code links used in the study.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchains-project%2Flockfiles-comprehensive-study","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchains-project%2Flockfiles-comprehensive-study","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchains-project%2Flockfiles-comprehensive-study/lists"}