Strong Dependencies Between Software Components

Home , Audacious (software), Caudium (web server), Cervisia, Claws Mail, GDK, GLib

Speciﬁc Targeted Research Project Contract no.214898 Seventh Framework Programme: FP7-ICT-2007-1

Technical Report 0002

MANCOOSI

Managing the Complexity of the Open Source Infrastructure

Strong Dependencies between Software Components

Pietro Abate ([email protected]) Jaap Boender ([email protected]) Roberto Di Cosmo ([email protected]) Stefano Zacchiroli ([email protected]) Universit`eParis Diderot, PPS UMR 7126, Paris, France

May 24, 2009

Web site: www.mancoosi.org Contents

1 Introduction ...... 2 2 Strong dependencies ...... 3 3 Strong dependencies in Debian ...... 7 3.1 Strong vs direct sensitivity: exceptions ...... 9 3.2 Using strong dominance to cluster data ...... 11 3.3 Debian is a small world ...... 11 4 Eﬃcient computation ...... 12 5 Applications ...... 13 6 Related works ...... 16 7 Conclusion and future work ...... 17 8 Acknowledgements ...... 18 A Case Study: Evaluation of debian structure ...... 21

Abstract

Component-based systems often describe context requirements in terms of explicit inter-component dependencies. Studying large instances of such systems—such as free and open source software (FOSS) distributions—in terms of declared dependencies between packages is appealing. It is however also misleading when the language to express dependencies is as expressive as boolean formulae, which is often the case. In such settings, a more appropriate notion of component dependency exists: strong dependency. This paper introduces such notion as a ﬁrst step towards modeling semantic, rather then syntactic, inter-component relationships. Furthermore, a notion of component sensitivity is derived from strong dependencies, with applications to quality assurance and to the evaluation of upgrade risks. An empirical study of strong dependencies and sensitivity is presented, in the context of one of the largest, freely available, component-based system.

1 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

1 Introduction

Component-based software architectures [21] have the property of being upgradeable piece-wise, without necessarily touching all the pieces at the same time. The more pieces are affected by a single upgrade, the higher the impact of the upgrade can be on the usual operations performed by the overall system; this impact can either be beneficial (if the upgrade works as planned) or disastrous (if not). Package-based FOSS (Free and Open Source Software) distributions are possibly the largest-scale examples of component-based architectures, their upgrade effects are experienced daily by million of users world-wide, and the historical data concerning their evolution is publicly available. Within FOSS distributions, software components are managed as packages [6]. Packages are described with meta-information, which include complex inter-relationships describing the static requirements to run properly on a target system. Requirements are expressed in terms of other packages, possibly with restrictions on the desired versions. Both positive requirements (dependencies) and negative requirements (conflicts) are usually allowed.

Example 1.1. An excerpt of the inter-package relationships of the postfix Internet mail transport agent in Debian GNU/Linux1 currently reads: Package: postfix Version: 2.5.5 -1.1 Depends: libc6 (>= 2.7-1), libdb4.6, ssl-cert, libsasl2-2, libssl0.9.8 (>= 0.9.8f-5), debconf (>= 0.5) | debconf-2.0, netbase, adduser (>= 3.48), dpkg (>= 1.8.3), lsb-base (>= 3.0-6) Conflicts : libnss-db (<< 2.2-3), smail, mail-transport-agent, postfix-tls Provides: mail-transport-agent, postfix-tls

As this short example shows, inter-package relationships can get quite complex, and there are plenty of more complex examples to be found in distributions like Debian. In particular, the language to express package relationships is not as simple as flat lists of component predicates, but rather a structured language whose syntax and semantics is expressed by conjunctive normal form (CNF) formulae [17]. In Example 1.1, commas represent logical conjunctions among predicates, whereas bars (“|”) represent logical disjunctions. Also, indirections by the mean of so-called virtual packages can be used to declare feature names over which other packages can declare relationships; in the example (see: “Provides”) the package declares to provide the features called postfix-tls and mail-transport-agent. Within this setting, it is interesting to analyse the dependency graph of all packages shipped by a mainstream FOSS distribution. This graph is potentially very large as distributions like Debian are composed of several tens of thousands packages but it is surely smaller than widely studied graphs such as the World Wide Web graph [1]. It is also more expressive, in the sense that it contains different types of edges (dependencies and conflicts for example) and allows the use of disjunctions to express alternative paths. Simple graph encodings of the package universe have been proposed in the past [14, 16], to study the adherence of the dependency graph to small-world network laws. In such encodings, inter-package relationships were approximated by a simple binary relation of direct dependency, which is noted p → q in this paper. Formally,

1http://www.debian.org

Mancoosi D5.1 Strong Dependencies between Software Components page 2 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI p → q holds whenever package q occurs syntactically in the dependency formula of p. This notion of direct dependency does not distinguish between q occurring in conjunctive or disjunctive position, ignoring the semantic difference between conjunctive and disjunctive dependencies, as well as the presence of conflicts among components. In this paper we argue that there is a different dependency graph to be studied to grasp meaningful relationships among software components: a graph that represents the semantics of inter-component relationships, in which an edge between two components is drawn only if the first cannot be installed without installing the second. We call such a graph the strong dependency graph, argue that it is better suited to study package universes in component-based architectures, and study its network properties. Finally, we argue that the strong dependency graph can be used to establish a measure of package “sensitivity” which has several uses, from distribution wide quality assurance to establishing the potential risks of package upgrades. As a relevant, yet empirical, case study we build and analyse the strong dependency graph of present and past FOSS distributions, as well as the corresponding package sensitivity. The rest of the paper is structured as follows: Section2 introduces the notion of strong dependency, highlights the differences with plain dependencies and proposes related sensitivity metrics. Section3 computes dependencies and sensitivity of components of a large and popular FOSS distribution. Section4 gives an efficient algorithm to compute strong dependencies for large software repositories. Section5 discusses applications of the proposed metrics for quality assurance and upgrade risk evaluation. Before concluding, Section6 discusses related research.

2 Strong dependencies

Component dependencies can be used to compute relevant quality measures of software repositories, for instance to identify particularly fragile components [7, 13, 15]. It is well known that small-world networks are resilient to random failures but particularly weak in the presence of attacks, due to the existence of highly connected hub nodes [2]. To identify the components whose modiﬁcation (e.g., removal or upgrade) can have a high potential impact on the stability of a complex software system, it is natural to look for hubs on which a lot of other components depend. In FOSS distributions, as well as many other component-based systems [3,4], the language used to express inter-package relationships is expressive enough to cover propositional logic. As a consequence, considering only plain connectivity—i.e., the possibility of going from one package to another following dependency arcs—is no longer meaningful to identify hubs. For example, if p is to be installed and there exists a dependency path from p to q, it is not true that q is always needed for p, and in some cases q may even be incompatible with p. In other terms, the syntactic connectivity notion does not tell much about the real structure of dependencies: we need to go further and analyse the semantic connectivity among software components induced by the explicit dependencies in the graph. That led us to the following deﬁnition.

Deﬁnition 2.1 (Strong dependency). Given a repository tag">R, we say that a package p in R strongly depends on a package q in R, written p ⇒R q, if there exists a healthy installation of R containing p, and every healthy installation of R containing p also contains q. We write Spreds(p)R for the set {q|q ⇒R p} of strong predecessors of a package p in R, and Scons(p)R for the set {q|p ⇒R q} of strong successors of p in R.

Mancoosi D5.1 Strong Dependencies between Software Components page 3 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

In the following, we will drop the R subscript when the repository is clear from the context. The notions of repository and healthy installation used here are from [17]; the underlying intuitions are as follows. A repository is a set of packages, together with dependencies and conflicts encoded as propositional logic predicates over other packages contained therein; an installation is a subset of the repository; an installation is said to be healthy when all its packages have their dependencies satisfied within the installation and dually their conflicts unsatisfied. Intuitively, p strongly depends on q with respect to R if it is not possible to install p without also installing q. Notice that the definition requires p to be installable in R as otherwise it would vacuously depend on all the packages q in the repository. Due to the complex nature of dependencies, there can be a huge gap with the syntactic dependency graph as naively extracted from the metadata. Example 2.2 (Direct and strong dependencies). In simple cases, conjunctive direct dependencies translate to identical strong dependencies whereas disjunctive ones vanish, as for the packages of the following repository:

Package: p p a 3 4 Depends: q, r 3 W 44 33 44 3 4 Õ 3 Õ 4 Package: a q r b c Depends: b | c

We have that p → q, p → r and p ⇒ q, p ⇒ r (because p cannot be installed without either q or r), and that a → b, a → c whereas a 6⇒ b, a 6⇒ c (because a does not forcibly require neither b nor c). In general however, the situation is much more complex, like in the following repository:

Package: p p 3 Depends: q | r W 3 # 33 33 Package: r q Õ r Conflicts : p

Package: q

Notice that p ⇒ q in spite of q not being a conjunctive dependency of p, and r is incompatible with p, despite the fact that p → r.

Proposition 2.3 (Transitivity). If p ⇒R q and q ⇒R r then p ⇒R r.

Proof. Trivial from Deﬁnition 2.1.

On top of the strong and direct dependency notions, we can deﬁne the corresponding dependency graphs. Deﬁnition 2.4 (Dependency graphs). The strong dependency graph SG(R) of a repository R is the directed graph having as vertices the packages in R and as edges all pairs hp, qi such that p ⇒ q. Note that the SG(R) is transitively closed as direct consequence as the transitivity of the strong dependency relation. Similarly, the direct dependency graph DG(R) is the directed graph having as vertices the packages in R and as edges all pairs hp, qi such that p → q.

Mancoosi D5.1 Strong Dependencies between Software Components page 4 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

p1 ___ pi ___ pn p1 ___ pi ___ pn s1 ___ sk p1 ___ pi ___ pn p1 ___ pi ___ pn D 2 A r A A DD 2 zz AA | | rr AA | AA | D 2 z A || || rr A || A || D D 2zz AA || || rr AA || AA || DD zz22 A | | rr A | A | Dz 2 A ~|| || rr A ~|| A ~|| zzDD 2 q || rr q q zz DD 2 | rr H z D 22 || rr zz DD 2 | rr zz DD2 ||rr q Ö |z " r ||rr r yr}|r r rØ (a) Coincidence (b) General case of strong dependency (c) Ordered (d) Equivalent

Figure 1: Some signiﬁcant conﬁgurations in the strong dependency graph

The dependency graphs can be used to formalise, via the notion of impact set, the intuitive notion of the set of packages which are potentially aﬀected by changes in a given package.

Deﬁnition 2.5 (Impact set of a component). Given a repository R and a package p in R, the impact set of p in R is the set Is(p, R) = {q ∈ R | q ⇒ p}. Similarly, the direct impact set of p is the set DirIs(p, R) = {q ∈ R | q → p}.

While the impact set gives a sound lower bound to the set of packages which can be potentially affected by a change in a package, the direct impact set offers no similar guarantees. Note that by Definition 2.1, for all package p, p ∈ Is(p, R). Package sensitivity—a measure of how sensitive is a package, in terms of how many other packages can be affected by a change in it—can now be defined as follows.

Deﬁnition 2.6 (Sensitivity). The strong sensitivity, or simply sensitivity, of a package p ∈ R is |Is(p, R)| − 1, i.e., the cardinality of the impact set minus 1.2 Similarly, the direct sensitivity is the cardinality of the direct impact set.

The higher the sensitivity of a package p, the higher the minimum number of packages which will be potentially aﬀected by a change, such as a new bug, introduced in p. We write |p| and ||p|| to denote the direct and strong sensitivity of package p, respectively. The following basic property of impact sets and sensitivity follows easily from the deﬁnitions.

Proposition 2.7 (Inclusion of impact sets). If p ⇒R q then Is(p, R) ⊆ Is(q, R). As a consequence, the sensitivity of p in R is smaller than the sensitivity of q in R.

When analysing a large component base, like Debian’s, which contains about 22’000 components, it is important to be able to identify some measure that can be used to easily pinpoint “interesting” packages. Sensitivity can be (and actually is, in our tools) used to order packages, bringing the most sensitive to the forefront. But sensitivity alone is not enough: we do not want to spend time going through hundreds of packages with similar sensitivity to ﬁnd the one which is really important, so we need to keep some of the structure of the strong dependency graph. A ﬁrst step is to group together only those packages that are related by strong dependencies, but our analysis of the Debian distribution led us to discover that we really need to go further and distinguish the cases of related components in the strong dependency graph from the cases

2The −1 accounts for the fact that the impact set of a package always contains itself. This way we ensure that sensitivity 0 preserves the intuitive meaning of “no package potentially aﬀected”.

Mancoosi D5.1 Strong Dependencies between Software Components page 5 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI of unrelated ones: in the picture in figure1 3, configuration 1c shows q that clearly dominates r, as the impact set of r really comes from that of q, in configuration 1d, q and r are clearly equivalent, while in configuration 1a, q and r are totally unrelated, and in configuration 1b, q strong depends on r but q does not generate all the impact set of r. Yet, the packages q and r all have essentially the same sensitivity values (n or n + 1) in all the first three cases (and n + k in the fourth, which can also contribute to the mass of packages of sensitivity similar to n). To distinguish these different configurations in strong dependency graphs, we introduce one last notion.

Deﬁnition 2.8 (Strong dominance). Given two packages p and q in a repository R, we say that p strongly dominates q (p

• Is(p, R) ⊇ (Is(q, R) \ Scons(p)), and

• p strongly depends on q

The intuition of strong dominance, is that a package p dominates q if the strong dependency of p on q explains the impact set of q: the packages that q has an impact on are really those that p has an impact on, plus p. This notion has some similarity in spirit with the standard notion of dominance used in control ﬂow graphs, but is technically quite diﬀerent, as strong dependency graphs are transitive, and have no start node. Using the transitivity of strong dependencies, the following can be established.

Proposition 2.9. The strong domination relation is a partial pre-order.

Proof. Reﬂexivity is trivial to check. For transitivity, suppose we have p

This pre-order is now able to distinguish among the cases of Figure1. In Figure 1c we have that q

Deﬁnition 2.10 (Relative strong dominance). Given two packages p and q in a repository R, we say that p strongly dominates q up to z z (p

|(Is(q,R)\Scons(p))\Is(p,R)| • |Is(p,R)| ∗ 100 = z, and • p strongly depends on q

3Edges implied by transitivity are omitted from the diagrams for the sake of clarity.

Mancoosi D5.1 Strong Dependencies between Software Components page 6 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

Figure 2: Evolution of packages, direct, and strong dependencies across Debian releases.

0 It is easy to see that p

3 Strong dependencies in Debian

Due to the different properties of direct and strong dependencies,the two measures of package sensitivity can differ substantially. To verify that, as well as other properties of the underlying dependency graphs, we have chosen Debian GNU/Linux as a case study.4The choice is not casual: Debian is the largest FOSS distribution in terms of number of packages (about 220000 in the latest stable release) and, to the best of our knowledge, the largest component-based system freely available for study. All stable releases of Debian have been considered, from 1994 to February 2009. For each release the archive section main and in particular the i386 architecture has been considered; the choices are justified by the fact that they identify both the most used parts of Debian,5 and that they are the only parts which have been part of all Debian releases and hence can be better compared across years. The obtained archive parts have been analysed by building both the

4The data presents in this section, as well as what was omitted due to space constraints, are available to download from http://www.mancoosi.org/data/strongdeps/. The tools used to compute the data are released under open source licenses and are available from the Subversion repository at https://gforge.info.ucl.ac. be/svn/mancoosi. 5According to the Debian popularity contest, available at http://popcon.debian.org

Mancoosi D5.1 Strong Dependencies between Software Components page 7 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI direct and strong dependency graphs; while the construction of the former is a trivial exercise, the implemented efficient way of constructing the latter is discussed in Section4. To build the direct dependency graph the Depends and Pre-Depends inter-package relationships have been considered [12]. Figure2 shows the resulting evolution of the number of graph nodes and edges across all Debian releases. The size of the distribution has grown steadily, yet super-linearly, across most releases [20, 11], but the growth rate has decreased in the past two releases. As expected, strong and direct sensitivity are not entirely unrelated, given that the former is the semantic view of the latter, hence they tend to grow together. More precisely the total number of strong dependencies is higher, in all releases, than the total number of direct dependencies. A partial explanation comes from the fact that the strong dependency graph is a transitive closed graph—property inherited by the underlying strong dependency relationship—whereas the direct dependency graph is not. Performing the transitive closure of the direct dependency graph however would be meaningless, because the propagation rules of disjunctive and conjunctive dependencies are not expressible simply in terms of transitive arcs. We have studied the apparent correlation between strong and direct dependencies analysing the respective sensitivity measures for each release. Table1 confirms the correlation and gives some statistical data about package sensitivity. The first column is the Spearman ρ correlation index,6 a commonly used non-parametric correlation index that is not sensible to exceptional values [8]. An index between 0.5 and 1.0—in all the releases we have ρ ∈ [0.91, 0.94]—is commonly interpreted as a strong correlation between the two variables. The more common correlation index r for the same set of data (not shown in the table) gives consistently a value of 0.55: the huge difference among ρ and r indicates that the few exceptional values in the data series have really high weight, and we will see, when looking at some of these exceptional value that this is indeed the case. The remaining columns show mean and standard deviation for, respectively, direct sensitivity, strong sensitivity, and ∆ = ||p|| − |p|. In particular we note an increasingly high standard deviation in latest Debian releases, which hints that there is an increasing number of peaks.

6The statistical info for the ﬁrst two rows are possibly not relevant, due to the small size of the two releases.

Table 1: Direct and strong sensitivity across Debian releases: correlation, mean, standard deviation. Rel. ρ | · | || · || ∆ 0.93 0.92 1.00, σ2.79 1.05, σ4.73 1.00, σ4.00 1.1 0.93 1.70, σ13.91 2.90, σ25.96 1.88, σ18.56 1.2 0.91 1.79, σ18.43 2.99, σ32.27 1.73, σ22.42 1.3 0.91 1.92, σ21.95 3.06, σ38.24 1.69, σ25.85 2.0 0.93 2.29, σ26.73 4.03, σ50.88 2.50, σ36.56 2.1 0.94 2.60, σ34.92 4.93, σ64.55 2.93, σ46.61 2.2 0.92 3.29, σ44.24 6.89, σ90.47 4.88, σ68.76 3.0 0.92 3.99, σ59.25 10.49, σ131.5 8.02, σ92.34 3.1 0.92 5.29, σ91.42 22.36, σ282.0 19.39 , σ246.4 4.0 0.92 5.55, σ85.10 28.23, σ352.4 24.50 , σ313.9 5.0 0.93 5.07, σ86.16 36.05, σ480.3 32.55 , σ440.1

Mancoosi D5.1 Strong Dependencies between Software Components page 8 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

Figure 3: Correlation between strong and direct sensitivity in Debian 5.0 “Lenny”.

Figure3 shows in more detail the correlation phenomenon for Debian 5.0 “Lenny”, the latest and largest Debian release. The ﬁgure plots strong vs direct dependencies for each package in the release. In most cases, strong sensitivity is higher than direct sensitivity, yet close: 82.9% of the packages fall in a standard deviation interval from the mean of ∆; the next percentile ranks are 97.4% for two standard deviations, and 99.8% for three. The remaining cases allow for important exceptions of packages with very high strong sensitivity and very low direct sensitivity. Such exceptions are extremely relevant: metrics built on direct sensitivity only would totally overlook packages with a huge potential impact.

3.1 Strong vs direct sensitivity: exceptions

It’s time now to look at some of these exceptional cases to see how relevant they are. Table2 lists the top 30 packages of Lenny having the largest ∆. libc6 is the package shipping the C standard library which is required, directly or not, by almost all applications written or otherwise linked to the C programming language. About a half of all the packages in the distribution depends directly on libc6, as can be seen in row 13 of the table, but almost all packages in the archive cannot be installed without it, as the strong sensitivity of libc6 is 20’126, on a total of 22’311 packages. In this case direct sensitivity does not inhibit identifying the package as a sensitive one, though, even if it underestimates widely its importance. Now consider row 1 of Table2: gcc-4.3-base, which is a package without which libc6 cannot be installed. It is the package with the largest ∆, having direct sensitivity of only 43 and strong sensitivity of 20’128. Ranking its sensitivity with the direct metric would have led to completely miss its importance: a bug into it can potentially aﬀect all packages in the

Mancoosi D5.1 Strong Dependencies between Software Components page 9 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

Table 2: Packages from Debian 5.0, sorted by the diﬀerence between strong and direct impact sets. # Package |p| ||p|| ||p|| − |p| 1 gcc-4.3-base 43 20128 20085 2 libgcc1 3011 20126 17115 3 libselinux1 50 14121 14071 4 lzma 4 13534 13530 5 coreutils 17 13454 13437 6 dpkg 55 13450 13395 7 libattr1 110 13489 13379 8 libacl1 113 13467 13354 9 perl-base 299 13310 13011 10 libstdc++6 2786 14964 12178 11 libncurses5 572 11017 10445 12 debconf 1512 11387 9875 13 libc6 10442 20126 9684 14 libdb4.6 103 9640 9537 15 zlib1g 1640 10945 9305 16 debianutils 86 8204 8118 17 libgdbm3 68 8148 8080 18 sed 11 8008 7997 19 ncurses-bin 1 7721 7720 20 perl-modules 214 7898 7684 21 lsb-base 211 7720 7509 22 libxdmcp6 15 6782 6767 23 libxau6 42 6795 6753 24 libx11-data 1 6693 6692 25 libxcb-xlib0 3 6695 6692 26 libxcb1 87 6778 6691 27 x11-common 137 6317 6180 28 perl 2169 7898 5729 29 libmagic1 28 5585 5557 30 libpcre3 164 5668 5504 ... distribution. Note however that gcc-4.3-base is not a direct dependency of libc6, showing once more that to grasp this kind of inter-package relationships the semantics, rather than the syntax, of dependencies must be put into play. In the second row, libgcc1 shows a similar pattern, being this time a direct dependency of libc6. The third row and many others in the table show more complex patterns. Ordering packages only according to sensitivity might lead to oversee other important characteristic. Pos- sibly the most extreme cases are those of ncurses-bin and libx11-data, which are mentioned just once in all the explicit dependencies, and yet are really necessary for several thousand other packages. We believe this is suﬃciently conclusive evidence to totally dismiss, from now on, any analysis based on the syntactic, direct dependency graph, when considering component based systems with complex dependency languages.

Mancoosi D5.1 Strong Dependencies between Software Components page 10 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

libc6 perl-base perl-modules lsb-base libxcb-xlib0

1.044249 3.717135 1.224612

0.004968 libgcc1 1.066787 1.156938 dpkg 1.667794 3.152298 perl sed 1.269415 libxcb1 1.463560

0.004968 0.022303 0.111516 0.617054 1.314702 3.152298 0.044254 0.236023

gcc-4.3-base coreutils 4.973608 libacl1 0.267638 lzma libgdbm3 libxdmcp6 libxau6

0.089186 4.949833 0.245262 0.155925

libacl2 libselinux1 libattr1

Figure 4: Dominance relations among the topmost 20 sensitive packages

3.2 Using strong dominance to cluster data

Now we turn to the problem of presenting the sensitiveness information in a relevant way to a Quality Assurance team: we could simply print a list of package names, ordered by their sensitiveness; this would give a result quite similar to that of table2 above, just dropping the ﬁrst and fourth column. A smart Debian maintainer will surely spot the fact that gcc-4.2-base, libgcc1 and libc6 are related and would look at them together, but it would be diﬃcult to see relationships among the other packages in the list, even if we can see that many packages have impact sets of similar size.

Here is where our definition of relative strong dominance comes into play, allowing to build meaningful clusters that provide sensible information to the maintainers: Figure4 shows the graph of relative strong domination between the first 20 packages of Table2. Bold edges show strong domination as defined in Definition 2.8. Normal edges show relative domination, where the install sets of the two packages almost fully overlap, apart from a few packages (edges are labelled with the percentage z of Definition 2.10). This figure shows clearly that it is possible to isolate five clusters of related packages with similar sensitivity values; some of them may look surprising at first sight to a Debian maintainer, and evident after a little time spent exploring the package metadata: this actually confirms the real value of this way of presenting data.

3.3 Debian is a small world

We expected the strong dependency graph to retain the small world characteristics previously established for the direct dependency graph [14], but this required some extra effort to get sensible results: indeed, computing clustering coefficients and other similar measures on the strong dependency graph will yield very different values (as the strong dependency graph is transitive), so we first built a detransitivised version of the strong dependency graph, and computed the usual small world measures on it. Note that, since the strong dependency graph contains some cycles, the graph obtained by detransitivising it is not unique. The differences are however minor enough to not alter the overall results. The clustering coefficient and average path length of the detransitivised graph are, though slightly smaller, well within the range of small-world networks. More than half the edges of

Mancoosi D5.1 Strong Dependencies between Software Components page 11 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI the syntactic graph have disappeared, but this has not significantly affected either the graph clustering or the path length. The relevant statistics are summarised in Table 3.3. Some further notes from Table 3.3. First, both graphs contain one enormous (weakly connected) component, next to which all other components are of insignificant size (for the direct graph, there are 1’480 remaining packages in 1’424 components, which would make their average size just above 1; the ratio is similar for the strong graph). Second, when we look at the density of both graphs (the number of edges in the graph divided by the maximum possible number of edges), we see that both graphs are extremely sparse.

4 Eﬃcient computation

It is not evident that strong dependencies as deﬁned in Section2 are actually tractable in practise: from previous results [17,5] it is known that checking installability of a package (or co-installability of a set of packages) is an NP-complete problem. Even if in practise checking installability turns out to be tractable on real-world problem instances, the sheer number of instances that computing strong dependencies may require in general makes the problem in principle much harder. We start by observing that the problem of determining strong dependencies is decidable.

Proposition 4.1 (Decidability). Strong dependencies for packages in a ﬁnite repository R are computable.

Proof. Since R is finite, the set of all installations is also finite. Among these installations, finding the healthy one is just a matter of verifying locally the dependency relations. Then, for each p and q, it is enough to check all healthy installations to see whether q is present whenever p is.

If we want to know if a particular packages p strongly depends on q in a repository R however, the argument used in the proof of decidability leads to an algorithm that has exponential worst- case complexity in the size n of a repository R. One possible algorithm to ﬁnd all strong dependencies in a repository R is as follows. Require: R 6= ∅ strongdeps ← ∅ for all p, q ∈ R do if strong dependency(p, q, R) then

Table 3: Small-world characteristics for Debian 5.0. Direct dependency graph Strong depedency graph Vertices 22 311 22 311 Edges 107 796 40 074 Average degree 4.83 1.80 Clustering coeﬀ. 0.41 0.39 Average distance 3.18 2.86 Components (WCCs) 1425 2809 Largest WCC 20 831 19 200 Density 0.00022 0.000081

Mancoosi D5.1 Strong Dependencies between Software Components page 12 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

strongdeps ← strongdeps ∪ {p, q} end if end for return strongdeps Where the function strong dependency uses a SAT solver to check whether it is possible to install p without installing q (in repository R). This algorithm requires checking n2 SAT in- 0 stances, which is unfeasible with n u 22 000. We need to look for an optimised approach; the following remark is the key observation.

Remark 4.2 (Reducing the search space). All packages q on which a given package p strongly depends are included in any installation of p. Furthermore, if a package p conjunctively depends on a package q, then q is a strong dependency of p.

This leads to the following improved algorithm that strongly relies on the notion of installation sets and the property of transitivity of strong dependencies. for all p ∈ R do strongdeps ← strongdeps ∪ conj dependencies(p, R) end for for all p ∈ R do S ← install(p, R) for all q ∈ S do if (p, q) 6∈ strongdeps ∧ strong dependency(p, q, R) then strongdeps ← strongdeps ∪ {p, q} end if end for end for return strongdeps The function conj dependencies(q, R) returns all packages in R that are connected to q, considering only conjunctive paths. We add to the strongdeps set all couples (p, q) such that there exists a conjunctive path between p and q, and then for all remaining packages in the install set of p, we check if there is a strong dependency using the SAT solver. On one hand, the analysis of the structure of the repositories shows that it is in practice possible to ﬁnd installation sets that are quite small. Considering only the installation set for a given package drastically reduces the number of calls to the SAT solver. On the other hand, since the large majority of strong dependencies can be derived directly from conjunctive dependencies, building the graph of conjunctive dependencies beforehand can further reduce the computation time. In our experiments, calculating the strong dependency graph and sensitivity index for about 220000 packages takes about 5 minutes on a modern commodity Unix workstation.7

5 Applications

The given notions of strong dependency, impact set, sensitivity, and strong dominance can be used to address issues showing up in the maintenance of large component repositories. In

7Intel Xeon 3 GHz processor, 3 Gb of memory

Mancoosi D5.1 Strong Dependencies between Software Components page 13 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI particular, we have identiﬁed two areas of application: repository-wide Quality Assurance (QA) and upgrade risk evaluation for user machines.

Quality Assurance FOSS distribution the size of Debian are not easily inspectable by hand, without specific tools. The work of release managers in such scenario is about maintaining a coherent package repository, i.e., in which each package is installable in at least one healthy installation. Such repositories are usually not built from scratch, but rather evolve from an unstable state to a stable one which is periodically released as the new major release of the distribution. Day to day maintenance of the repository includes actions such as adding packages to the repository (e.g., newly packaged software, or new releases) as well as removing them (e.g., superseded softwares or sub-standard quality packages which are not considered suitable for releasing). Quality assurance is meant to spot repository-wide incompatibilities or sub- standard quality packages, according to various criteria. In such ecosystems, removing a package can have non-local effects which are not evident by just looking at the direct dependencies of the involved packages. For instance, removing a package p such that several packages depends on p | q might be appropriate only if q is installable in the archive. The strong dependency graph can be used to detect similar cases efficiently. Once the graph has been computed—and Section4 showed that the cost is affordable even for large distributions—detecting if a package is removable in isolation reduces to check whether its node has inbound edges or not. If really needed, following inbound edges can help building sets of packages removable as a whole. In the same context, sensitivity can be used to decide when to freeze packages during the release process (decision currently delegated to folklore): the higher the sensitivity, the sooner a package should be frozen. Sensitivity can also be used to activate heuristic warnings in archive management tools when apparently innocuous packages are acted upon: attempting to remove or otherwise alter gcc-4.3-base at the end of the Lenny release process (see Table2) would have surely been an error, in spite of the few packages mentioning it directly in their dependencies.

Upgrade risk evaluation System administrators of machines running FOSS distributions would like to be able to judge the risks of a certain upgrade. Risk evaluation not necessarily in the sense of deciding whether or not to perform an upgrade—not performing one is often not an option, due to the frequent case of upgrades that fix security vulnerability. Upgrade risk evaluation is important to allocate suitable time slots to deploy upgrade plans proposed by package managers: the riskier the upgrade, the longer the time slot that should be planned for it. The general principle we propose is that a package that is not strongly depended upon by other packages is relatively safe to upgrade; conversely, a package that is needed by many packages on the system might need some safety measures in case of problems (backup servers, . . . ). However this measure should be computed in relation to the actual user installation and not as an absolute value with respect to the distribution such as plain impact sets. Once the strong dependency graph of a user installation has been computed, the legacy package manager can be used to find upgrade plans as usual. On that plan the overall upgrade sensitivity can then be computed by summing up the size of the installation impact sets of all packages touched by the proposed plan; where the installation impact set of a package p is defined as the intersection of the strong impact set with the local installation. The strong dependency graph used for risk evaluation must be the one corresponding to the

Mancoosi D5.1 Strong Dependencies between Software Components page 14 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI distribution snapshot which was known before planning the upgrade. This is because we want to evaluate the risks with respect to the current installation, not to a future potential one in which package sensitivity can have changed. The maintenance of such graph on user machines is straightforward and can be postponed to after upgrade runs have been completed, in order to be ready for future upgrades. Note that in this way, what is computed is an under approximation of the upgrade risk measure. For example consider the following scenario: a package p having Depends: q | r, and a healthy installation I = {p, q}. The direct dependencies of p entail no strong dependency, but in the given installation q has been “chosen” to solve p dependencies. Even if p 6∈ Is(q, R) ∩ I, an upgrade of q in that speciﬁc installation has potentially an impact on p. The under approximation is nevertheless sound—i.e., all packages in the installation impact set are installed.

Release upgrades A particular case of upgrade are the so called release upgrades (or distribution upgrades) which are performed periodically to switch from an older stable release of a given distribution to a newer one. The relevance of such upgrades is that they usually affect almost all of the packages present in user installation. Such kind of upgrades are usually already performed wisely by system administrators devoting large enough time slots. During release upgrades system administrators are often faced with the choice of whether to switch to a new major version of some available software or to stay with an older, legacy one. For instance, one can have the choice to switch to the Apache Web server 2.x series, or to stay with Apache 1.x. The upgrade is not forced by strict package versioning by either offering packages with different names (e.g. apache1 vs apache2 in Debian and its derivatives) or by avoiding explicit conflicts among the two set of versions (as it happens in RPM-based distributions). The choice is currently not technically well assisted: if apache2 is tentatively chosen, the package manager will propose to upgrade all involved packages to the most recent version without highlighting which upgrades are mandatory to fulfil dependencies and which are not. While this is a deficiency of state of the art solving algorithms [22], strong dependencies offer a cheap technical device to work around the problem with current solvers. It is enough to compute the strong dependency graph of both distributions and, in particular, the strong dependencies of the two (or more) involved packages. Then, by taking the difference of the strong dependencies in the new and in the old graph, the list of package which must be forcibly upgraded to do the switch is obtained. All such forced upgrades can then be presented to the administrator to better guide her or his choice.

Architecture visualization and monitoring As the KDE cluster in Figure9 shows, there are cases where the distributed development of a universe of components can lead to partially overlapping, duplicated components, which mangle the global architecture of the distribution; strong dominator graphs extract signiﬁcant information from the huge dependency graph, and help identify in a very visual way the areas that need to be analysed in detail; it is natural to try and improve this line of research by coupling the information found via strong dominators to other information available on the software components, like the developer team members, or the upstream source code.

Mancoosi D5.1 Strong Dependencies between Software Components page 15 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

6 Related works

We have identified several interesting articles dealing with issues related to the topics we address. In the area of complex networks, [14, 16] used FOSS distributions as case studies. The former is the closest to our focus, as it studies the network structure obtained from Debian inter-package relationships, showing that it is small-world, as the node connectivity follows a near power-law distribution. However, the analysis is performed on the direct dependency graph, which we have shown misses the real nature of dependencies. We could not get more information on how the data of [14] has been computed, as the snapshot of Debian used there comes from late 2004, and is no longer available in the Debian archives; based on the figures presented in the paper, and our analysis of the closest Debian stable distribution, we conclude that their analysis dropped all information about Conflicts and Pre-Depends. As a consequence, the figures produced for what is called in the paper “the 20 most highly depended upon packages” falls extremely short of reality: libc6 is crucial for 3 times more packages than what is reported, and other critical packages such as gcc-4.3-base are entirely missed. In the area of quality assurance for large software projects, many authors correlate component dependencies and past failure rates in order to predict future failures [24, 18, 19]. The underlying hypothesis is that software “fault-proneness” of a component is correlated to changes in components that are tightly related to it. In particular if a component A has many dependencies on a component B and the latter changes a lot between versions, one might expect that errors propagates through the network reducing the reliability of A. A related interesting statistical model to predict failures over time is the “weighted time damp model” that correlates most recent changes to software fault-proneness [9]. Social network methods [10] were also used to validate and predict the list of sensitive components in the Windows platform [24]. Our work differs for two main reasons. First, the source of dependency information is quite different. While dependency analysing for software components is inferred from the source code, the dependency information in software distributions are formally declared and can be assumed to be, on the average, trustworthy as reviewed by the package maintainer. Second, FOSS distributions still lack the needed data to correlate upgrade disasters with dependencies and hence to create statistical models that allow to predict future upgrade disasters. In more detail, the FOSS ecosystem is really fond of public bug tracker systems, but generally lacks explicit logging of upgrade attempts and a way to associate specific bugs to them. One of the goal of the Mancoosi8 project—in which the authors are involved—is to create a corpus of upgrade problems which will be a first step in this direction. The key idea behind the notion of sensitivity can be seen as a direct application of the evaluation of “disease spreading speed” in small world networks [23]: the higher the sensitivity, the larger the impact sets, the higher the (potential) bug spreading speed. The semantic definition of impact sets is crucial in this analysis: using the direct dependency graph would give no guarantee about which components will be effectively installed and therefor help bug spreading.

8http://www.mancoosi.org

Mancoosi D5.1 Strong Dependencies between Software Components page 16 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

7 Conclusion and future work

This paper has introduced the novel notions of strong dependencies between software components, and of sensitivity as a measure of how many other components rely on its availability; and we have introduced strong dominance as a means of ordering and grouping components with similar sensitivity into meaningful clusters. We have shown concretely on a large scale real world example that such notions are better suited to describe true inter-component relationships than previous studies, which were solely based on the analysis of the syntactic (or direct) dependency graph. The main applications of these new notions are tools for quality assurance in large component ecosystems and upgrade risk evaluation. The new notions have been tested on one of the largest known component-based system: Debian GNU/Linux, a popular FOSS distribution. Historical analysis of Debian strong and direct dependency graphs have been performed. Empirical evidence shows that, while the two notions are generally correlated, there are several components on which they give huge differences, with direct dependencies entirely missing key components that are rightly identified by strong dependencies. We believe the case shown in this paper is strong enough to totally dismiss, in the future, measures built on direct dependencies as soon as the dependency language is as expressive as the one used for FOSS distributions. We hence strongly advocate the evaluating of sensitivity on top of strong dependencies, and we have shown clearly how clustering components according to the notion of strong dominance allows to build a meaningful presentation of data, and uncover deep relationships among components in a repository. Despite the theoretical complexity of the problem, and the sheer size of modern component repositories, we have succeeded in designing a simple optimised algorithm for computing strong dependencies that performs very well on real world instances, making all the measures proposed in this paper not only meaningful, but actually feasible. Previous studies on network properties—such as small world characteristics—have been redone on the Debian strong dependency graph, showing that it stays small world. Future works is planned in various directions. First of all the notion of installation impact set needs to be refined. While it is clear that the strong impact set is an under approximation of it, it is not clear how to further refine it. On one hand we want to get closer to the actual set of potentially affected packages on a given machine. On the other it is not clear, for a package p depending on q | r to which extent both packages should be considered as potentially impacted by a bug in p. It appears to be a limitation in the expressiveness of the dependency language which does not state an order between q and r, but needs further investigation. Interestingly enough, the implicit syntactic order “p before q” is already taken into account by some distribution tools such as build daemons and is hence worth modelling. Distributions like Debian use a staged release strategy, in which two repositories are maintained: an “unstable” and a “testing” one. Packages get uploaded to unstable and migrate to testing when they satisfy some quality assurance criteria, including the goal of maintaining testing de- void of uninstallable packages. Current modelling of the problem is scarce and implementations rely on empirical package-by-package migration attempts. We believe that the notion of strong dependency and the clusters entailed by strong dominance can help in identifying clusters of packages which should forcibly migrate together.

Mancoosi D5.1 Strong Dependencies between Software Components page 17 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

8 Acknowledgements

The authors would like to thank Yacine Boufkhad, Ralf Treinen and JerˆomeVouillon for many interesting discussions on these issues.

Mancoosi D5.1 Strong Dependencies between Software Components page 18 of 27 Bibliography

[1] R. Albert, H. Jeong, and A. Barabasi. The diameter of the world wide web. Nature, 401:130–131, July 1999.

[2] R. Albert, H. Jeong, and A. Barabasi. Error and attack tolerance of complex networks. Nature, 406:378, 2000.

[3] Apache Software Foundation. Maven project. http://maven.apache.org/, 2009.

[4] E. Clayberg and D. Rubel. Eclipse Plug-ins. Addison-Wesley Professional, 3 edition, Dec. 2008.

[5] R. Di Cosmo, B. Durak, X. Leroy, F. Mancinelli, and J. Vouillon. Maintaining large software distributions: new challenges from the FOSS era. In FRCSS 2006, 2006. EASST Newsletter.

[6] R. Di Cosmo, P. Trezentos, and S. Zacchiroli. Package upgrades in FOSS distributions: Details and challenges. In HotSWup’08, 2008.

[7] S. Dick, A. Meeks, M. Last, H. Bunke, and A. Kandel. Data mining in software metrics databases. Fuzzy Sets and Systems, 145(1):81–110, 2004.

[8] N. E. Fenton and S. L. Pﬂeeger. Software Metrics: A Rigorous and Practical Approach, Revised. Course Technology, 2 edition, Feb. 1998.

[9] T. L. Graves, A. F. Karr, J. S. Marron, and H. Siy. Predicting fault incidence using software change history. IEEE Trans. Softw. Eng., 26(7):653–661, 2000.

[10] R. A. Hanneman and M. Riddle. Introduction to social network methods. University of California, Riverside, 2005.

[11] I. Herraiz, G. Robles, R. Capilla, and J. Gonzalez-Barahona. Managing libre software distributions under a product line approach. In COMPSAC’08, pages 1221–1225, 2008.

[12] I. Jackson and C. Schwarz. Debian policy manual. http://www.debian.org/doc/ debian-policy/, 2009.

[13] T. M. Khoshgoftaar, E. B. Allen, W. D. Jones, and J. P. Hudepohl. Data mining for pre- dictors of software quality. International Journal of Software Engineering and Knowledge Engineering, 9(5):547–564, 1999.

[14] N. LaBelle and E. Wallingford. Inter-package dependency networks in open-source software. CoRR, cs.SE/0411096, 2004.

19 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

[15] B. Livshits. Dynamine: Finding common error patterns by mining software revision histo- ries. In In ESEC/FSE, pages 296–305. ACM Press, 2005.

[16] T. Maillart, D. Sornette, S. Spaeth, and G. V. Krogh. Empirical tests of zipf’s law mech- anism in open source linux distribution. 0807.0014, June 2008.

[17] F. Mancinelli, J. Boender, R. Di Cosmo, J. Vouillon, B. Durak, X. Leroy, and R. Treinen. Managing the complexity of large free and open source package-based software distributions. In ASE, pages 199–208, 2006.

[18] N. Nagappan and T. Ball. Using software dependencies and churn metrics to predict ﬁeld failures: An empirical case study. In ESEM, pages 364–373, 2007.

[19] S. Neuhaus, T. Zimmermann, C. Holler, and A. Zeller. Predicting vulnerable software components. In ACM Conference on Computer and Communications Security, pages 529– 540, 2007.

[20] G. Robles, J. M. Gonzalez-Barahona, M. Michlmayr, and J. J. Amor. Mining large software compilations over time: another perspective of software evolution. In MSR ’06, pages 3–9. ACM, 2006.

[21] C. Szyperski. Component Software: Beyond Object-Oriented Programming. Addison Wes- ley Professional, 1997.

[22] R. Treinen and S. Zacchiroli. Solving package dependencies: from EDOS to Mancoosi. In DebConf 8: 9th conference of the Debian project, 2008.

[23] D. J. Watts and S. H. Strogatz. Collective dynamics of small-world networks. Nature, 393(6684):440–442, June 1998.

[24] T. Zimmermann and N. Nagappan. Predicting defects using network analysis on dependency graphs. In ICSE’08, pages 531–540. ACM, 2008.

Mancoosi D5.1 Strong Dependencies between Software Components page 20 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

A Case Study: Evaluation of debian structure

The strong dominance graph can be used to extract and visualize cluster of components with similar sensitivity that are hidden when looking directly at the much bigger direct (or strong) dependency graph. To showcase this application of strong dominance, we present the corresponding graphs for various Debian releases (see Figures5,6,7,8, and 10). In Figure9 we highlight the structure of the KDE cluster in Debian 3.1. Early releases (Figure5) have small dominance graphs hinting that the Debian distribution was composed, back then, by a small number of loosely coupled package clusters. From Debian 2.2 a growth of the strong dominance graph can be observed. The following graphs are generate removing all non-trivial (i.e., strictly larger than 2 components) strong dominance clusters and with a fuzzy index of 5%. All images are embedded in the electronic format of this document in vectorial format allowing to “zoom in” the otherwise huge graph. The source ﬁles (in sgv and dot format) can be retrieved from the mancoosi website at http://www.mancoosi.org.

Mancoosi D5.1 Strong Dependencies between Software Components page 21 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

texlib 0.

0. texbin

0. dialog

mﬂib mfbin kpathsea mﬂib mfbin kpathsea 0. 0. 0. 0.

(a) (b)

bsdmainutils

time inn inewsinn man groﬀ 0. 0. 0.

ﬁle debmake patch 0. 0. ﬁndutils adduser perl-suid 0. 0. ed tetex-bin tetex-base 0. 0.

time

0. wine

0. 0. inn inewsinn 0.

0. libwine0.0.971116

time inn inewsinn libwine-dev 0. 0.

(e) (f)

Figure 5: Strong dominance graphs for Debian 0.93R6, 1.1, 1.2, 1.3.1, 2.0, 2.1

Mancoosi D5.1 Strong Dependencies between Software Components page 22 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

gnome-users-guide-en

gnome-terminal

gnome-session gnome-help-data 0. gnome-gnobots2 0. gnome-gnibbles rep task-gnome-desktop 0. 0. gmc eject 0. 0. 0. 0. gnome-gnometris 0. gnome-glines sawmill rep-gtk 0. gnome-faq junkbuster 0. gnome-help 0. 0. blt-common

0. 0. 0. 0. 0. lftp 0. blt 0. gnome-gataxx gnome-gnotravex 0. 0. 0. 0. 0. diald gnome-control-center blt8.0 0. gnome-xbill gnome-games 0. 0. pppconﬁg task-dialup 0. 0. 0. docbook2man 0. gnome-stones dialdcost 0. gnome-gtali

0. 0. csplain 0. wvdial 0. 0. 0.

docbook-xml 0. cslatex

0. gnome-gturing wwwoﬄe cstexfonts gnome-same-gnome 0.

util-linux sysvinit mount 0. 0. libtom2-dev 0. gnome-iagno 0. gnome-mahjongg docbook-to-man cygnus-stylesheets 0. 0. libtom2 0. 0. libart2

0. 0.819672131148 0.819672131148 tom 0. 0. docbook2texi task-sgml

libgnome32 0. libgnomeui32 0. 0. lib-xp-java 0. 0.819672131148 jadetex 0. 0.819672131148 0. 0. 0. 0. lib-sax-java 0. 0. 0. docbook-stylesheets-doc 0. 0. 0. 0. 0.819672131148 lib-xt-java 0.819672131148 0. libgnome-dev 0. 0. 0.0. 0. libgnomesupport0 0. 0. 0. libgnorba27 0. 0. 0. 0. 0. 0. orbit liborbit-dev indent 0. 0. 0. 0. 0. 0. 0. 0. docbook-doc 0. 0. 0. libart-dev 0. gdk-imlib-dev 0. libgcj0 0. 0. 0. 0. gnome-bin 0. libgnorbagtk0 xfonts-100dpi 0. 0. gcj libgnorba-dev sgmltools-2 0. 0. 0. 0. 0. libhtml-parser-perl libgcj0-dev gnome-libs-data xfonts-scalable task-x-window-system-core 0. rplay-client rplay-perl 0. liboo2c

4.93827160494 0. 0. xfonts-75dpi 0. 0. rplay-server oo2c liboo2cx11-dev 0. rplay 0. 0. libwww-perl liburi-perl 4.93827160494 0. 0. rplay-contrib

liboo2cx11 librplay3-dev

(a)

gs-common

libbonobo2 0. 0.

libfam-dev 2.08333333333 gs 0. pike-gmp pike-gz 0. 2.08333333333 libgtk2.0-0 kdelibs-dev 0. ppdﬁlt 0. 0. 0. bonobo libefs1 libgimpprint1 0. 0. 1.28205128205 0. 0. liblablgl-ocaml 0. 0. libkmid-dev 0. libgtk-common liblablgl-ocaml-dev 0. printtool pconf-detect roxen pike-image 0. 0. 0. 0. 0. 0. 0. 0.

libarts-dev xemacs21-basesupport caudium kivio 0. libgtk2.0-common 0. printﬁlters-ppd kformula

0. 0. nas-dev

0. kontour 0. pike7-gz 0. 0. 0. kchart liblablgtk-ocaml-dev liblablgtk-ocaml 0. 0. g++ 0. 0. xemacs21 xemacs21-bin 0. kword koﬃce 0. 0. 0. 0. 0. 0. 0. 0. libgnorbagtk0 0. pike7-image koshell 0. libstdc++2.10-dev 0. kugar 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. libgnomeui32 0. libgnomesupport0 0. g++-2.95 xemacs21-support 0. kspread kpresenter lapack-dev pike7-lobotomized-crypto 0. 0. libconfhelper-perl libgnomeprint-bin 0. 0. 0.0. 0. 0. 0. 0. 0. 0. caudium-modules libpango1.0-dev libgtk2.0-dev libatk1.0-dev 0. 0. 0. 0. 0. 0. arpack2-dev arpack2 0. 0. 0. 0. 0. 0.0.0. 0. libgnorba27 0. 0. 0. gnome-bin 0. gsfonts-x11 0. libgnomeprint-data 0.864553314121 etherconf dhcp-client 0. 0. 0. 0.864553314121

0. 0.0. 0. 0. 0. 0. 0. 0. phpgroupware-api phpgroupware-admin 0. 0. 0. 0.864553314121 0.864553314121 libgnomevfs2-common libunicode-dev libgal-dev libglade-gnome0-dev libguilegtk-dev 0. 0. libgnomeprint15 0. 0.0. libgnome32 0. gnome-libs-data 0. libwmf-dev libmagick5-dev libdps-dev 0. 0. 0. 0. 0. 0.864553314121 0.864553314121 0. libguile-dev 0. 0. 0. libgnomevfs2-0 0.

zope-cmfcalendar libart2 isdnlog-data 0. 0. 0. libltdl3-dev

gnome-vfs-extfs phpgroupware-core 0. 0.0. 0. phpgroupware-preferences isdnutils-xtools 0. isdnlog 0. 0. 0. 0. 0. 0. 0. libedb1-dev isdnutils zope-cmftopic zope-cmf 0. 0. 0. zope-cmfcore 0. 0. 0. 0. 0. 0. 0. 0. libttf-dev libedb1 libusb-dev 0. mesag-dev 0. libart-dev 0. 0. mozilla-psm mozilla mozilla-mailnews 0. 0. 0.

libimlib2-dev 0. 0. libv-dev 0. ldp-es-garl gobjc phpgroupware 0. phpgroupware-setup 0. zope-cmfdefault 0. 0. 0. mesag3 0. libticalcs3-dev libticables3-dev libesd0-dev 0. 0. gdk-imlib-dev libgnome-dev 0. libobgtk-dev 0. 4.34782608696 0. 0. ldp-es-lipp ldp-es ldp-es-glup 0. 0. 0. 0. gobjc-2.95 python-kjbuckets libxaw7-dev libvx-dev libvx1.25 0. 0.

gnustep-base1 0. 0. libconvert-ber-perl tidev-modules-source python-newt libgnorba-dev 0. libpango1.0-0 0. 0. 0. routeplanner 0. ldp-es-gulp 0. libfreetype6 0. 0. libobjc1 0. gnustep-make 0. mon libtime-period-perl 0. 0. 0. postﬁx-ldap 0. libpango-common 0. 0. 0. python2.1-kjbuckets 0. 3.37340054285 0. 0. 0. 0. 0. 0. postﬁx python-pqueue libmon-perl 0. 0. gobjc-3.0 xlibs xfree86-common libpango1.0-common 4.22644435828

postﬁx-pcre xfonts-thai-manop xfonts-thai xfonts-thai-etl 0. 0. libarr-dev librsvg-dev libeel-dev libgnome-vfs-dev tcpd netbase ifupdown net-tools 0. 0. 0.763358778626 2.29007633588 3.73134328358 libarr0 xpdf-utils xpdf xpdf-reader 0. 0.

0. qt3-tools libqt3-dev libqxt0 util-linux sysvinit mount 0. 0. 0. 3.48837209302 0.

libctk3-dev libctk3 0.

(b)

Figure 6: Strong dominance graphs for Debian 2.2, 3.0

Mancoosi D5.1 Strong Dependencies between Software Components page 23 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI d95 0. gnome-themes gtk2-engines-redmon 0. 0. useblue 0. 0. gtk2-engines-thinice gtk2-engines-lightho 0. 0. 0. 0. gtk2-engines-mist gtk2-engines-crux 0. 0. ronment gnome-desktop-envi ial kxsldbg kimagemapeditor 0. 0. 0. liblog4j1.2-java liblzo1 0. 0. libopencdk8 gtk2-engines-industr libgdk-imlib-ruby1.6 0. 0. 0. 0. libbcel-java liba52-0.7.4-dev 0. 0. kdewebdev 0. 0. 0. 0. 0. 0. libart-ruby1.6 0. 0. 0. 0. libplot-dev libbonoboui2-0 libgnome-keyring0 kenolaba 0.821744627054 0.126422250316 0. 0. 0. 0. kdegames-card-data kbounce 0.898203592814 kmrml s 0. mindi-kernel libmx4j-java 0. libgnutls11 0.299401197605 kiconedit kfouleggs klinkstatus 0. kfilereplace n 0. libgnomeui-0 mindi-partimagehack ns 0. 0. 0. libmagick++6-dev kolourpaint 0. 0.898203592814 0. 0. zope-cmftopic1.4 kblackbox 0.299401197605 0. kgamma libgnome-ruby1.6 0. 0. libavcodec-dev gnome-themes-extra kgoldrunner 0. gnome-keyring libbonoboui2-commo 0. mindi kooka 0. ms-sys zope-cmfcalendar1.4 0. 0. zope-plonetranslatio 0. quanta 0. 0. kfax mindi-busybox libpstoedit-dev quanta-data 0. 0. 0. 0. 0. 0.063211125158 kbattleship 0. 0. kpdf 0. libdts-dev kjumpingcube kdvi 0. 0. crystal 0. zope-pts 0. 0. 0. 0. zope-cmfcore1.4 perl libtasn1-2 python-netcdf kdegraphics expiry-perl 0. kbackgammon libguile-ltdl-1 0. 0. 0. gins gtk2-engines-sphere libgnomeui-common 0. kpovmodeler 0. klickety 0. 0. 0. 0. libclass-returnvalue- 0. 0. 0. 0. 0. 0. 0. 0. libcache-simple-timed r python-mpi 0. python-scientific 0. 0. parted kdegraphics-kfile-plu 0. 0. 0. kruler 0. 0. katomic guile-1.6-libs 0. 0. 0. 0. zope-cmfdefault1.4 0. zope-groupuserfolde -perl 0. 0. 0. 0. klines 0. 0. kcoloredit 0. 0. 0. 0. ksnapshot 0. indent python-numeric-ext 0. 0. pike7.6-gdbm ksvg kamera 0. 0. 0. 0. libdbix-searchbuilder kdevelop3 0. 0. 0. 0. libqthreads-12 0. kasteroids rtool 0. 0. 0. 0. 0. 0. pike7.6 liborbit-dev netpbm 0. 0. zope-cmf1.4 kmahjongg 0. 0. 0. 0. 1.96850393701 0. bc 0. dpkg-awk file-roller zope-cmfquickinstalle 2.55905511811 0. libnetpbm10 kdevelop3-data kdevelop3-plugins 3.57142857143 kuickshow 0. 0. pike7.6-manual 0. 0. 2.21774193548 2.21774193548 gconf-editor 0. nautilus-media 4.83870967742 4.23387096774 4.83870967742 4.23387096774 abiword-gnome es-perl pike7.6-image kdegames libwrap0-dev 0. ler 0. 0. 0. 0. gnome-about 0. 0. libffcall1-dev 0. kdelibs4 kdelibs-bin 0. or nautilus-cd-burner 0. dev r-cran-sandwich gnome-games-data toolchain-source kmines gucharmap 0. gpdf gnome-games 0. 0. 0. libclass-autouse-perl zope-dcworkflow 0. 0. gnome-gv libgraphics-colornam 0. pike7.6-doc 0. zope-cmfformcontrol 0. 0. 0. 0. 0. 0. gnomemeeting 0. 0. gnome-utils 0. gnome-office 0. gnome-system-monit gnome2-user-guide libgnustep-base1.10- l 0.806451612903 t-perl 0. 0.806451612903 l-perl 0. 0.806451612903 menu-xdg r-cran-zoo 0.806451612903 0. 0. 0. kdelibs-data zope-cmfplone 0. konquest zope-cmfactionicons r-cran-strucchange libwant-perl dpkg-cross 0. 0. 0. libmodule-load-perl libmodule-install-per libgraphics-colorobjec libextutils-autoinstal libarts1 0. gobjc 0. pike7.6-reference libopenexr2 dia-gnome gobjc-3.3 zenity 0. kde-amusements 0. 0. 0. 0. 0. 0. kalzium 0. 0. 0. 0. kbruch kdeedu 0. kpat 0. 0. 0. 0. 0. 0. libmng-dev 0. 0. 0. libxcursor-dev kdeedu-data amor 0. 0. klettres-data ash 0. 0. 0. 0. zope-cmfdefault 0. 0. 3.57142857143 3.57142857143 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. keduca 0. 0. kpoker 0. libqt3-mt-dev klettres 0. 0. zope-cmftopic 0. 0. zope-cmfcalendar 0. 0. libsary-ruby1.8 0. kwin4 0. .8 0. 0. 0. 0. lessdisks-terminal 0. libxtrap6 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. khangman 0. 0. 0. libsuikyo-ruby1.8 libxmuu1 0. 0. libprogressbar-ruby1 0. 3.57142857143 kreversi 0. zope-cmf kwordquiz 3.93412625801 0. zope-cmfcore 3.93412625801 devfsd xlibs prime libkonq4-dev kdebase-dev qt3-designer 0. 0. lskat 0. 0.182982616651 kuipc libxft1 kiten kitchensync egroupware-email 0. kmailcvt kdepim-kio-plugins book ksame qt3-dev-tools libgnomecups1.0-1 kvoctrain 0. kdepim-kfile-plugins karm ktron 0. konsolekalendar korn kandy libopencdk8-dev pocketpc-gas egroupware-address 0. pocketpc-binutils 4.12371134021 0. cernlib-core-dev mlchat kshisen klatin 0. libmlchat-ocaml-dev 0. 0. ocaml-dbforge 0. liboptions-ocaml-dev kspaceduel kverbos 0. 0. 0. gtkhtml3.2 ocaml-ioxml libgal2.2-common ksirtet libgnomeprint2.2-0 egroupware-projects libokey-ocaml-dev prime-dict dzedit debconf-utils 0. 0. v ksokoban pocketpc-gcc ksmiletris ksnake 0. libgnutls11-dev ocaml-omom 0. kmessedwords kturtle html2text paw-demos -perl festival 0. paw evolution a ocaml-report libgpattern-ocaml-de 0. 0. 0. kpf 0. 0. 0. kopete kmplot 1.17647058824 0. ktouch debhelper 0. kppp x-dev libcpan-distnameinfo ev kpercentage python2.2-biopython 0. 0. python-pqueue libanydata-perl libgnomeprint2.2-dat festlex-cmu knewsticker libreport-ocaml-dev libtasn1-2-dev festlex-poslex cernlib-core 0. 0. 0. 0. 0. 1.29449838188 xemacs21-bin 0. 0. 0. 0. 0. 0. krdc 0. 0. 0. 0. 1.29032258065 0. 0. 0. 0. 0. libxext-dev kde-devel 0. python-newt 0. 0. 0. libconfigwin-ocaml-d xlibs-static-dev ocaml-zoggy 0. 0. 0. 0. 0. 0. xtexttools rt 0. poxml 0. 0. kget 0. 0. 1.29449838188 1.29449838188 0. 0. 0. kapptemplate 0. 0. es-perl 0. 0. 0. 0. 0. krfb 0. 0. kdenetwork 0. 0. 0. 1.29449838188 pocketpc-sdk routeplanner python2.2-reportlab 0. 0. 0. 0. 0. xemacs21-support python2.2-egenix-m r xemacs21-basesuppo 0. libdbd-anydata-perl 0. 0. 0. kdict 0. 0. 0. 0. 0. 0. 0. 0. libxi-dev umbrello libparse-cpan-packag libx11-dev 0. ksirc kbugbuster 0. 0. n-perl 0. all-da-perl 0. -martel 0. 0. ng scantv mple-perl 0. libdstyx evolution-data-serve pia xemacs21 libxv-dev 0. 0. 0. 0. 0. 0. -perl 0. kwifimanager l libsnowball-norwegia liblingua-stem-snowb python2.2-biopython 0. frozen-bubble-data kdenetwork-fileshari styx libfile-type-perl libdbd-csv-perl amanda-client libperlio-eol-perl libxstyx xawtv liblocale-maketext-si bug-buddy 0. 0. cervisia 0. 0. gnome-terminal 0. 0. 0. 0. kcachegrind 0. xfonts-100dpi libperlio-via-dynamic 0. libsort-versions-perl 0. libdata-hierarchy-per perl -perl orms cameleon 0. libio-digest-perl perl e-perl 0. 0. 0. 0. 0. 0. kdepim amanda-server amanda-common 0. 0. 0. python2.3-docutils dcoprss 0. frozen-bubble 0. 0. liblingua-stem-perl gnome-core xt-aterm re v 0. libkuipx11-1-dev libsnowball-swedish- zope2.7-portaltransf 0. liblingua-pt-stemmer 0. 0. 0. 0. libperlio-via-symlink- libalgorithm-annotat gnupg2 libarts1-dev 0. gnupg-agent 0. 0. 0. kuiviewer 0. 0. 0. erl ocamlcvs 0. kdesdk-kfile-plugins 0. 0. x-window-system-co libgrafx11-1-dev libocamlcvs-ocaml-de 0. xt-toolbuslib pm-dev xt-aterm-dev libsdl-perl 0. 0. 0. 0. 0. 0. zope2.7-archetypes libpaw1-dev libtext-autoformat-p 0. 0. gpgsm dirmngr 0. 1.5625 libxtrap-dev 0. kdelibs4-dev erl 0. 0. 0. libart-dev 0. egistry gdk-imlib1-dev 0. 0. 0. 1.5625 s 0. kspy 0. 0. 0. gnuift 0. 0. kdesdk-misc 0. libgraflib1-dev xfonts-75dpi xlibs-dev 0. kleopatra 0. knewsticker-scripts eog 1.5625 0. 0. 4.34782608696 0. zope2.7-generator libnews-nntpclient-p 0. 0. zope2.7-mimetypesr 0. 0. plugins 0. 0. 0. libtext-reform-perl 0. libtext-quoted-perl tetex-base nder-data libxmuu-dev libfam-dev kdeadmin-kfile-plugin 0. asterisk-config 0. libgnome-dev perl 0. 0. kdat kpackage 0. python-maxdb kompare 0. libtar aptitude 0. rdtool der 0. 0. kdesdk-scripts 0. 3.14960629921 kdeaddons 0. 0. kdemultimedia-kfile- 0. gnuift-perl libxml-xpath-perl kdemultimedia-kappfi 0. 0. 0. 0. tetex-bin 0. libxml-handler-trees- perl 0. 0. 4.34782608696 libtext-german-perl kcron 0. vlc 0. 0. kdesdk 4.34782608696 libarts1-audiofile kmtrace wxvlc ksysv asterisk kdeadmin 3.84615384615 kaudiocreator 0. pike7.4-manual libcnumx0 0. libuconv-ruby1.8 maxdb-server-7.5.00 0. 0. 0. python2.3-maxdb-loa tasksel 0. 0. 4.72440944882 zope2.7-validation ifupdown 0. tdiary ed 0. 0. 0. 0. libefs1 libxml-sax-machines- 0. axkit 0. 0. 0. kuser libarts1-xine kaboodle s kcmlinuz 0. ev 0. 4.16666666667 0. 0. 4. 0. 0. svk r libbonobo2 1.58102766798 0. 0. 0. 0. 0. 0. pike7.4-doc 0. 0. 0. 0. 0. 0. libcnumx0-dev 0. 0. netbase 0. libnumerix-ocaml-dev 0. asterisk-sounds-main kaddressbook-plugin 0. education-tasks libgnorba-dev 0. bonobo libpostgresql-ocaml-d 0. maxdb-dbmcli 0. python-maxdb-loade libxml-sablot-perl sendmail-cf 0. libpostgresql-ocaml 0. 0.395256916996 0. 0. libhttp-ghttp-perl 0. 0. tcpd libsvn-core-perl 0. 0. libsvn-simple-perl atlantikdesigner klipper 0. 0. kate-plugins 0. sendmail-bin pike7.4-reference kdepasswd ins 0. secpolicy 0. kdemultimedia 0. kmenuedit 0. 0. 0. sendmail libdbi-ocaml-dev 0. rmail 0. 0. libpgsql-ocaml libgtk2.0-common 0. noatun-plugins 0. 0. 0. maxdb-server python2.3-maxdb libsvn-mirror-perl libxsharp0 libgtkspell-dev 0. 0. ksig rl kdebase 0. kdeaddons-kfile-plug 0. 0. 0. libgnomemm2.0-dev 0.979519145147 l 0. juk sendmail-base 0. konq-plugins .0-dev libsmbclient kicker-applets 0. 0. kpager 0. libgtk2.0-bin gnustep-gui-common libtunepimp-bin libgtkgl2.0-dev 0. 0. 0. libpango1.0-common 0. 0.979519145147 0. libpgsql-ocaml-dev 0. 0. 0. 4.16666666667 0. 0. 0. 0. libclass-whitehole-pe 0.356188780053 0. 0. 0. 0.979519145147 0. pnet-assemblies libtk-tablematrix-per libperl4caml-ocaml pnet-interpreter 0. 0. libgnomevfs2-0 0. ev desktop-file-utils 0. 0. 0. libgnomecanvasmm2 0. 0. 0.979519145147 0. 0. libpango1.0-doc 0. 0. v ksmserver 0. 0.356188780053 0. 0. 0. ev gnustep-ppd 0. indow liblablgtk2-ocaml-dev libsvga1-dev libgnustep-gui0.9 sensible-mda 0. libdbi-ocaml 0. vimpart 2.34375 0. 0. 0.979519145147 libgtk2.0-doc libima-dbi-perl kpersonalizer 0. 0. xmltv-gui 0. libperl4caml-ocaml-d 0. 0. libatk1.0-0 0. 0.520833333333 libpango1.0-0 libgnomeuimm2.0-de libmysql-ocaml-dev libclass-dbi-perl 0. 0. libgeant1 kdeartwork-style 0. libmysql-ocaml 3.57142857143 libocamlodbc-ocaml-d 0. 4.16666666667 0. 0. kdeartwork-theme-w 0. ktip 0. libclass-trigger-perl 0.356188780053 0.979519145147 0. erl 0. 0. 0. rent-perl 3.38541666667 ch-perl shared-mime-info gnome-mime-data devhelp-book-gtk2 libgtk2.0-0 libsdl1.2-dev 0. kde-core 0. libglib2.0-doc 0. 0. kdeartwork-misc 0. kscreensaver 0. 3.38541666667 0. libgeant1-dev 0. geant321-data 0. kdelibs 0. 0. 0. 0. 0. 0. libwww-mechanize-p libsqlite-ocaml 0. libuclibc-dev 0. 2.34375 ksplash libhttp-cache-transpa 0.520833333333 libdbix-contextualfet n 0. kdeprint 0. 0. libatk1-ruby libacl1 0. libgdk-pixbuf2-ruby poster libatk1.0-doc aalib1-dev 0. geant321 0. 0. kdeartwork 0. kgpg 0. 3.38541666667 0. kfloppy libbonobo2-0 0. libnautilus2-dev 0.107874865156 libuclibc0 libcroco3 libgnomevfs2-commo 0. libnet-snpp-perl libsqlite-ocaml-dev 0. libgnorba27 erl uclibc-toolchain 0. 0.270465200144 3.38541666667 0. 0. 0. libattr1 0. libffcall1 coreutils 0. 0. kdf 0.378651280202 0. 0. perl rences 0. s 0. 0. khexedit 0. n 0. 0. libeurodec1 0. libgtk2-ruby 0. gnome-bin 0. libbonobo2-common xmltv-util libherwig59-dev 1.21951219512 1.21951219512 libxmltv-perl v -dev 1.26582278481 gnome-libs-data arts 0. libherwig59 0. libatspi-dev gnome-core-devel 0. 0. 0. libdevice-serialport-p libeurodec1-dev kdeutils 0. 4.91958372753 0. libcojets1 0. 0. 0. xscreensaver-gl libphotos202-dev librsvg2-2 0. 0. 0. kdessh phpgroupware-prefe 0. timezoneconf libuniversal-moniker- 0. kscreensaver-xsaver 4.70588235294 0. librsvg2-common 0. 0. r-cran-kernsmooth 0. 0. 0. debianutils kjots gnustep-base-commo libopenalpp-cvs 0. 0. 0. 4.70588235294 0. 0. 0. libgnome-desktop-de 4.70588235294 libdmsocket-0.32.5-0 0. -files 0. 0. 0. 0. libphotos202 libcojets1-dev 0. 0. 0. 1.26582278481 0. 0. 0. erl r-base 0. 0. 0. 0. 0. 0. 0. pax 0. sendpage-common 0. 0. 0. r-cran-rpart 0. libopenal-dev 0. 0. 0. 0. 0. libart2 lsb-release 0. ktimer kcharselect 0. libgnorbagtk0 0. 0. 0. 0. 0. 0. 0. phpgroupware-setup 0. phpgroupware-admin 0. 0. 0. 0. 0. 0. 0. 0. openoffice.org-debian 0. cernlib-montecarlo 0. libdlisp0-dev libmail-listdetector-p 0. 3.79746835443 0. gtk-doc-tools 0. 0. 0. libatk1.0-dev 0. 0. libdshconfig1-dev 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. perl 0. lsb-core 4.70588235294 gnustep-make guile-library 0. 4.70588235294 libopenalpp-cvs-dev libgnustep-base1.10 0. 4.70588235294 0. 0. 0. api libconvert-ber-perl 0. 0. -dev 0. 0. 0. 3.79746835443 xlhtml 0. 0. r-cran-cluster libgnome32 r-recommended libgnomeui32 0. ttf-opensymbol libmail-audit-perl 0. libphtools1 0. 0. 0. 0. openoffice.org-bin 0. 0. kwalletmanager docbook-to-man libphtools1-dev libpango1-ruby 0. 0. g-wrap libobjc1 libmodule-pluggable- 0. openafs-client pike7.2-image 0. 0. 0. 0. phpgroupware libgtk2.0-dev gnome-session 0. 0. 0. 0. 0. mon 1.47058823529 0. 0. libdnas-core-0.32.5-0 phpgroupware-phpgw 0. 1.51515151515 0. libgnomesupport0 0. tuxpaint r-cran-foreign 0. libmon-perl 0. gnumail.app gjdoc tribute rce libgnome2-ruby ev l 3.0303030303 pike7.2-gz 0. 2.38095238095 caudium-modules 0. 0. 0. kfind 0. 0. liblist-moreutils-perl 0. openoffice.org 0. 0. 0. alien l 0. 0. 0. 1.51515151515 libgdk-pixbuf-dev 0. 4.7619047619 capplets-data ult y libffi3-dev zope-zaaplugins e2fslibs-dev ork 0. kdesktop 0. 0. antlr gnome-desktop-data zope-zattachmentat 1.51515151515 libx11-6 libemail-simple-perl 0. 0. openafs-modules-sou libgwrap-runtime0-d 3.0303030303 0. 0. libemail-abstract-per libgnomeprint-bin kaffe-common 0. libpango1.0-dev 0. 0. 0. 0. 0. 0. 0. 0. 0. dev 0. tuxpaint-data libart2-ruby htmlgen libclass-inspector-per libdbi-perl eyesapplet 0. addressmanager.app maxima-src caudium tuxpaint-stamps-defa addressview.framew libgnomecanvas2-rub 4.00359874044 4.7619047619 html2ps 0.0224921277553 pike7.2-crypto 0. libgnuinet-java libppi-perl capplets kaffe 0. 0. 0. 0. 1.51515151515 0. 0. libgdbm3 0. kdetoys 0. 0. konqueror fifteenapplet 0. 0. libgnomeprint-dev 0. xlibs-data 3.97931654676 libctk3 maxima-share libgnomeprint15 libgdk-pixbuf-gnome- kdebase-kio-plugins libgnomeprint-data xfree86-common 0. libggi2 0. gretl 0. 0. rdiff 3.85628291949 3.85628291949 0. gnuplot luola libarr0 gnomoradio 0. 0. ktnef 0. 0. 0. libplrpc-perl perl 0. 0. 0. 0. 0. libjessie-java 0. 0. 0. python-htmlgen 0. weblint-perl 0. 0. 0. 0. python2.3-htmlgen 0. libnet-daemon-perl 0. libgnucrypto-java libhtml-lint-perl 0. 0. perl-modules 0. maxima-test 3.57142857143 0. 0. 0. 3.57142857143 kmoon kweather 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. libgii0 0. 0. libgretl1 libctk3-dev slbackup librainbow0 libkcal2a libgii0-target-x luola-data gretl-common libroboradio0 gnuplot-nox gnuplot-x11 rdiff-backup luola-levels libkdepim1 libarr-dev kodo ktux kteatime

Figure 7: Strong dominance graph for Debian 3.1.

Mancoosi D5.1 Strong Dependencies between Software Components page 24 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI ns 0. zope-pts zope-plonetranslatio 0. 0. zope-cmfplone qt3-designer libkonq4-dev kdebase-dev b 0. pocketpc-gas libgeos-dev l libcfitsio-dev pocketpc-binutils libgdbm3 libdbix-class-perl snacc libcvaux0.9.7-0 0. latex-beamer 0. 0. 0. 0. libglade2.0-cil -perl 0. 0. courier-authlib-userd 0. r-cran-fecofin 0. 0. 0. r-cran-rpart 0. 0. sablevm s 0. 0. 0. 0. 0. 0. classpath-tools 0. 3.24058919804 3.24058919804 automake1.8 xfonts-base 0. perl libdbix-dbschema-per 0. libgconf2.0-cil 0. 0. libcvaux-dev libhighgui-dev perl 0. pgf 0. 0. 0. 0. 3.7037037037 0. 0. libdbd-pg-ruby 0. 0. erl perl-modules latex-xcolor 0. libhttp-server-simple 0. libgpg-error-dev r-cran-kernsmooth pocketpc-gcc 0. 0. courier-authdaemon 0. 0. 0. loader-perl 0. 0. 0. r-cran-fseries python-twisted-lore 0. python-twisted-new r-cran-fcalendar 0. xfonts-75dpi libgdal1-1.3.2-dev 0. 0. 0.769230769231 0. 0. 0. 0. 0. libclass-returnvalue- 0. libgnome2.0-cil wireshark-dev 0.77519379845 xorg 0. courier-base 0. on free-java-sdk libmodule-find-perl 0. 0. 0. 0. libopencdk8-dev libcarp-assert-more-p 0. 0. 0. 0. r-recommended 0. 0. libcv-dev libdbix-class-schema- 0. 0.763358778626 sisu-postgresql libgnutls-dev kenolaba libdbd-pg-ruby1.8 libavformat-dev kfouleggs liblzo-dev r-cran-fbasics -perl 0. 0. 0. lua50 0. libstlport4.6c2 ize-perl r-cran-foreign 0. 0. openoffice.org-comm python-twisted xfonts-100dpi kgoldrunner kdegames-card-data 0. libgnomecups1.0-1 2.63157894737 type-handling 0. 0. 0. expiry-perl 0. 0. 0. libgcrypt11-dev kde-devel all-da-perl libarts1-dev kbounce 0. libdbix-searchbuilder 0. liblua50-dev 0. 1.6393442623 0. libtest-www-mechan kompare 4.91803278689 0. 0. kdesdk-misc kjumpingcube r-cran-cluster 0. 0. 0. zope-atcontenttypes 2.1978021978 -perl 2.77777777778 2.85714285714 libcache-simple-timed 0. libattr1-dev liblingua-stem-snowb 0. pocketpc-sdk libhdf4g-dev kblackbox openoffice.org-core 0. 0. 0. kdelibs4-dev perl liblualib50-dev kspy 0. 2.85714285714 kmtrace klickety 2.85714285714 libgnomeprint2.2-0 liblingua-pt-stemmer 0. zope-atrbw libtasn1-3-dev jikes-sablevm zope-securemailhost libacl1-dev 0. 0. 0. libsnowball-swedish- 0. 0. fti 0. ies php-mail 2.85714285714 kbattleship 0. a er 0. klines 0. libavahi-qt3-dev 0. php-http kuiviewer freeze libicestorm31 kdesdk-scripts 0. 0. 0. 0. 0. 0. libicepatch2-31 glacier2 zope-cmfdynamicview zope-resourceregistr 0. 0. python-twisted-runn libgnomeprint2.2-dat libicebox31 libopenexr-dev php4-pear 0. 0. icebox 0. liblingua-stem-perl 0. 0. kflow kbackgammon 0. -perl 0. 0. 0. 0. kmines 0. 0. libglacier2-31 0. libplucene-perl 0. icepatch2 0. zope-pluginregistry 0. rl 0. kunittest libegroupwise1.2-10 0. 0. 0. zope-cmfplacefulwor erl ttf-opensymbol 0. 0. 0. kdesdk-kfile-plugins 0. 0. libbit-vector-minimal rtool n-perl 0. 0. 0. 0. 5. 0. libfreeze31 icestorm 0. 0. zope-plonepas 0. libnumber-format-pe 0. 0. katomic ool 0. 0. r libnumber-compare-p 0. 0. 0. 0. 0. libvte-cil knetwalk zope-cmfquickinstalle 0. libsnowball-norwegia dex 0. kxsldbg libtext-german-perl kimagemapeditor 0. simba 0. 0. 0. cervisia 0. 0. kcachegrind 0. rting zope-plonelanguaget 0. evolution-data-serve 0. 0. 0. 0. 0. 0. 0. zope-extendedpathin ool gtk-sharp-examples 0. 0. libnet-snpp-perl -perl kdewebdev erl 0. 0. 0. busybox r zope-ploneerrorrepo 0. kdegames 0. mailman libfile-find-rule-perl 0. libxv-dev zope-externaleditor 0. 0. 0. 0. 0. poxml 0. kmahjongg zope-pas 0. klinkstatus 0. kfilereplace libswt3.2-gtk-java zope-passwordresett kbugbuster zope-genericsetup 0. 0. libgconf-cil libpod-coverage-perl libglade-cil 0. 0. zope-kupu 0. libtest-pod-coverage r-common 0. zeroc-ice-services libdevice-serialport-p 0. 0. rl 0. 0. 0. initramfs-tools zope-groupuserfolde 5. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 5. pwgen 4.7619047619 0. 0. 0. umbrello 0. libxvmc-dev eclipse-rcp evolution-data-serve kapptemplate quanta icegrid libtie-array-sorted-pe gforge-lists-mailman x11proto-video-dev sendpage-common 0. libswt3.2-gtk-jni libklibc libtext-glob-perl libropkg-perl quanta-data libgnome-cil libicegrid31 klibc-utils kdesdk 4.54545454545 0. kasteroids 0. s 0. 0. 0. 0. 0. kde-amusements 0. 0. kdeedu 0. 0. klettres-data 0. 0. klettres 0. 0. 0. zope-statusmessage 0. 0. kpercentage 0. 0. 0. 0. 0. lskat 0. 0. kalzium-data ktouch 0. 0. 0. 0. konquest 0. 0. 0. 0. 0. 0. rl 0. 0. 0. libsary-ruby1.8 kalzium 0. 0. 0. .8 0. 0. 0. 0. 0. 0. kverbos 0. kwin4 0. 0. libextutils-cbuilder-pe n esql 0. libmodule-build-perl 0. 0. 0. 0. kpat 0. libsuikyo-ruby1.8 0. libprogressbar-ruby1 0. 0. 0. 0. 0. python-twisted-bin prime 0. 0. 0. 0. kmplot 0. 0. rl 0. 0. libgretl1 0. gambas-gb-db-mysql gnustep-back-commo 0. 0. gambas-gb-db-postgr 0. kvoctrain let 0. 0. 0. l adduser 0. 0. 0. 0. 0. ktron 0. libextutils-parsexs-pe 0.874316939891 0.874316939891 gretl 0. kpoker 0. login passwd 0. fast-user-switch-app 0. libmodule-install-per klatin 0. 0. libtifiles0-dev gambas-gb-db ev 0. python-twisted-core libipc-run3-perl kcron kwordquiz kuser 4.4776119403 0. gnustep-back0.11 xblast-tnt-images ds libcatalyst-perl kdat kspaceduel 0. python-qtext 0. 0. kreversi 0. ksysv gretl-common 0. 2.85714285714 0. 0. libpostgresql-ocaml-d 0. gnome-system-tools kiten kspread 0. 0. s 0. system-tools-backen blinken bicyclerepair libticables3-dev libvcp-perl 0. 0. prime-dict 0. 0. 0. gnustep-gui-runtime eric ksokoban libpostgresql-ocaml 0. 0. s 0. xblast-tnt 0. ksame kdeadmin libgloox4 0. 0. ev kpackage 1.40845070423 ronment libcal3d11-dev libsdl-perl python-zopeinterface 0. kword 1.40845070423 0. kdeadmin-kfile-plugin liba52-0.7.4-dev libdc1394-13-dev khangman 0. ksnake rl ttf-sjfonts kshisen 0. libdbi-ocaml-dev 0. 0. 0. weechat kaddressbook-plugin gnustep-ppd 0. atlantikdesigner 1.40845070423 kate-plugins 0. 0. ksirtet gnustep-gui-common ins ksmiletris 0. libocamlodbc-ocaml-d gnome-desktop-envi keduca 0. 0. 0. 0. 0. 0. scantv 0. kanagram libgloox-dev libbeecrypt6-dev kbruch 0. noatun-plugins 0. 0. libxml-autowriter-pe tidev-modules-source xblast-tnt-models 0. pia kword-data libneon25-dev .6 libosgcal-dev try 0. frozen-bubble pike7.6-manual 0. 0. libdirectfb-extra 0. 0. 0. libavcodec-dev 0. libmysql-ocaml ksig kdeaddons-kfile-plug libqthreads-12 libdbi-ocaml nagios2 0. 0. weechat-curses gambas-gb-db-sqlite libgnustep-gui0.11 weechat-common zope-cmfcore1.6 0. librpm-dev xawtv 0. 0. libmysql-ocaml-dev 0. arts 0. zope-cmfuid1.6 zope-marshall 0. 0. 0. kdelibs zope-cmfactionicons1 zope-mimetypesregis 0. libguile-ltdl-1 0. erl 0. 0. libiksemel-dev libosgcal0 0. kicker-applets konq-plugins 0. 0. 0. pike7.6-doc 0. 0. catdoc ppthtml 0. 0. s 0. ler kde-core libdirectfb-dev nagios2-doc 0. 0. 0. libsepol1-dev frozen-bubble-data nagios2-common kuipc libselinux1-dev 0. libsqlite-ocaml knetworkconf guile-1.6-libs 0. 0. 0. 0. 0. libtext-simpletable-p 0. 0. 0. -perl -perl 0. libfontconfig1-dev libemail-mime-perl 0. 2 openmsx-data 0. kpager 0. kpersonalizer 0. 0. zope-portaltransform zope-archetypes zope-cmfformcontrol 0. 0. 0. 0. slice2javae 0. s-perl libdns22 ttype-perl libfile-copy-recursive libsqlite-ocaml-dev pike7.6-reference libhttp-request-ascgi 3.72340425532 libmpeg3-dev 0. zope-textindexng2 libdts-dev python-twisted-web 0. 0. libatk1-ruby 0. 0. libhttp-body-perl slice2cppe cernlib-core-dev libfile-modified-perl 4.54545454545 libgdk-pixbuf2-ruby lsb-desktop 0. cil 0. openmsx 0. libxft-dev 0. 0. 0. ktip libisc11 zope-cmf1.6 libisccfg1 0. 0. l kdepasswd 0. kdeaddons 0. 0. libhttp-request-param 0. 0. 0. 0. libemail-mime-conten zope3 0. kleopatra 0. 4.54545454545 0. 0. python-pqueue 0. libgtk2-ruby 4.78723404255 0. 0. lsb-qt4 0. icee-translators 0. lsb-graphics 0. libisccc0 kdebase libmono-data-tds1.0- dzedit 0. cbios 0. 0. 0. 0. torcs-data-cars erl gpgsm 0. libtk-tablematrix-per 0. 0. 0. 0. zope-dcworkflow1.6 zope-cmfcalendar1.6 libxau6 0. python-newt gnupg-agent 0. 0. python-selinux 0. 0. libxrender-dev 0. juk 0. 0. 0. 0. 0. cil erl 0. g77 0. factory-perl 1.0-cil er-perl 2.52209131075 b rl libpango1-ruby 0.258445634115 libcairo-ruby1.8 0. 0. 0. 0. knewsticker-scripts 0. 0. 0. 0. libnews-nntpclient-p 0. python-clientform libx11-6 0. python-mechanize 3.84615384615 libtunepimp-bin 0. 0. routeplanner xmltv-gui 0. x11-common 0. 0.505050505051 0. 2.75059996308 torcs-data rences 0. 0. libmono-security1.0- libemail-messageid-p 0. 3.84615384615 gnupg2 0. dirmngr libtree-simple-visitor libemail-mime-modifi libmono-system-data libtie-regexphash-pe 0. zope-textindexng2-li g77-3.4 0. zope-validation libcairo-ruby libg2c0-dev 0. 0. 2.78700627538 rl 0. 3.84615384615 policycoreutils 2.73012359343 0. 0. kdemultimedia zope-cmftopic1.6 zope-cmfsetup1.6 0.0553812073103 0. rent-perl kdepim 0. 0. 0. 0. 0. x11proto-render-dev 3.84615384615 0. 0. 0. phpgroupware-prefe 0. libxdmcp6 libx11-data 0. 0. ev 0. 0. 0. libclass-whitehole-pe libxmltv-perl 0. nder-data 0. 0. zope-cmfdefault1.6 0. torcs-data-tracks 0. 0. slimserver 0. 0. v 0. 0. phpgroupware libhttp-cache-transpa 0. 0. 0. phpgroupware-setup 0. 0. 0. libgraphviz-perl 0. libgwrap-runtime0-d 0. s-perl python-semanage libdbh1.0-1 libeel2-dev kdemultimedia-kappfi 2.27272727273 0. 0. 0. 0. 0. 0. 0. libgnome-desktop-de 0. 0. 0. 0. 0. g-wrap xmltv-util 0. guile-1.6-slib 0. 2.27272727273 2.27272727273 0. 0. 0. libclass-makemethod 0. 0. 0. 0. 0. 0. 0. libarts1-audiofile kaudiocreator libdbh1.0-dev libffi4-dev libxt-java libxfcegui4-dev r-perl kaboodle 0. -dev libarts1-xine ommon 0. php4-imap libdbd-sqlite-ruby 0. 0. phpgroupware-admin 2.27272727273 0. 0. 0. libsql-translator-perl 0. 0. gucharmap 0. 0. api libobject-realize-late gnome-core-devel 0. 0. libnautilus-extension libatspi-dev 0. 0. 2.27272727273 openoffice.org-java-c libclass-base-perl 0. 0. totem 0. 0. 0. sisu-sqlite 0. phpgroupware-phpgw 0. libdbd-sqlite-ruby1.8 0. guile-library 0. plugins 0. libgnome-menu-dev 0. 0. sendmail-cf y1.8 0. php-net-imap php4-domxml 0. 0. 0. bsh gnome-utils ncy-perl 0. 0. 0. 0. libjline-java libpod-tests-perl 0. libmail-box-perl cl-asdf libicee11 0. libima-dbi-perl kstars-data 0. 0. 0. libgettext-ruby-util 0. 0. libffcall1-dev 0. 0. 0. sendmail-bin kdemultimedia-kfile- 0. 0. 0. 0. 0. libgnomevfs2-bin 0. libgstreamer0.10-rub lers 0. 0. libtest-classapi-perl mono-common 0. libalgorithm-depende sendmail 0. rmail 0. docbook-to-man gnome-user-guide er 0. 0. kstars 0. 1.36054421769 libemail-find-perl libicee-dev geekast-binary 0. libclass-dbi-perl kolab-resource-hand 0. libxmlrpc-ruby sendmail-base libgnomevfs2-extra libopenssl-ruby 0. mono-jit 0. 0. gnome-themes 0. 0. libuser-identity-perl 0. or binfmt-support gtk-doc-tools 0. common-lisp-controll indi 0. 1.3698630137 xpilot-ng-client-x11 libtest-inline-perl l xpilot-ng-common 0. -perl .8 libgnustep-base-dev 0. 0. 0. 0. 0. nautilus-cd-burner 0. libiceec11 puppet 0. 0. dhcdbd 3.7037037037 perl 0. gnome-system-monit dhcp3-client evince n 0. 0. python-pgsql libhtml-fromtext-per 0. libidl0 libgtk-trayicon-ruby libuniversal-can-perl gnumed-common xpilot-ng liblog-tracemessages libgtk-trayicon-ruby1 0. let ncurses-bin libfile-flat-perl libprefork-perl sensible-mda realpath 0. gobjc 0. 0. file-roller gnome-nettool 0. cl-closer-mop xpilot-ng-server xpilot-ng-client-sdl ger 0. 0. libuniversal-moniker- 0. 0. 0. sound-juicer 0.974025974026 libbonoboui2-commo 0. 0. 0. gcalctool 0. rl gnome-netstatus-app liborbit2 0. gnumed-client kmailcvt network-manager 0. gconf-editor lsb-base libisajet758-2 liblzo1 -dev libpdflib804-2 bacula-console 0. cl-contextl -perl cl-lw-compat gnome-games libopencdk8 php4-ldap 0.738916256158 gnome-keyring-mana 0. l libisajet758-2-dev gnome-backgrounds gnome-games-data geant321 libherwig59-2 konsolekalendar 0. libbonoboui2-0 libpdflib804-2-dev libfile-type-perl 0.738916256158 korn 4.06091370558 0. libperlio-eol-perl 0. python-poker-engine kdepim-wizards 4.90479817212 libgnomeui-0 0. libtest-mockobject-pe 0. iputils-arping gnumed-doc 0. facter sed ktnef 0.425170068027 libherwig59-2-dev rk libphotos202-dev 0. libgnomeui-common libdmsocket-0.32.5-0 0.0850340136054 libeurodec1 0. libperlio-via-dynamic 0. libgconf2-4 0. 0. karm 0. libdata-hierarchy-per 0. kdepim-kfile-plugins kandy 0. networkstatus libgnutls13 akregator 0. 3.20197044335 libio-digest-perl vino librainbow0c2 bacula-client 0. libphotos202 0. apg geant321-data libgeant321-2-dev 0. perl e-perl kdnssd 0. 0. libeurodec1-dev 0. 0. 0. python-poker-netwo 0. 0. 0. libcojets2 libgnome-keyring0 xpilot-ng-utils libnss-mdns libdlisp0-dev 0. libdshconfig1-dev 0. 0. 0. python-pypoker-eval 0. kdeartwork-misc s 3.20197044335 0. libart-dev 0. kbstate montecarlo-base 0. 0. 0. 0. 0. 0. gnomoradio libalgorithm-annotat libperlio-via-symlink- kmag libuniversal-isa-perl gconf2-common libroboradio0c2 0. libgeant321-2 bacula-fd kttsd 0. knode 0. 0. 0. 0. libcojets2-dev 0.127551020408 0. kdeartwork-style -dev 0. 0. kdenetwork ss 0. 0. 0. 0. 0. 0. 0. 0. 0. kdeartwork-emoticon 0. 0. 0. 0. 0. 0. kcoloredit ksayit 0. gins 0. kmousetool kget on 0. libgnome-dev 0. libxcursor-dev kamera libdnas-core-0.32.5-0 openoffice.org-impre mplayer python-soappy gnome-keyring libtasn1-3 kdeaccessibility 0. 0. libgtkmm2.0-dev 0. 0. 0. 0. s 0. 0. kdeartwork 0. 0. python-ipy 0. 1.17647058824 0. 0. 2.35294117647 0. openoffice.org gins x11proto-core-dev 0. kdegraphics-kfile-plu 0. ksnapshot openoffice.org-calc kdeartwork-theme-ic 0. 0. 2.61780104712 0. 0. libqt3-headers 0. ms-sys 0. svk 0. 1.55440414508 libxau-dev 0. libxfixes-dev mindi-busybox libxdmcp-dev 0. 0. kscreensaver-xsaver x11proto-fixes-dev libgnorba-dev 1.15606936416 cernlib-montecarlo mplayer-skin-blue libxmlsec1-gnutls 0. liblogfile-rotate-perl asterisk-config 0. kpf 0. 0. 0. 0. openoffice.org-draw 0. kdenetwork-kfile-plu 0. kdvi 0. 0. 0. indow 0. kruler 0. musixtex-slurps 0. 2.04081632653 1.55844155844 2.09973753281 0.787401574803 0. 0. kdegraphics python-foomatic kppp mindi 0. 0. dcoprss libbonobomm1.3-dev musixtex 0. 0. libopenexr2c2a 0. 0. kscreensaver krdc libqt3-mt-dev menu-xdg libphtools2 kfax 0. libavahi-qt3-1 krfb 3cdtf-perl 0. libconfhelper-perl libsvn-mirror-perl libsvn-simple-perl 0. 0. libphtools2-dev kpdf asterisk kmouth kdeartwork-theme-w libxext-dev 0. kwifimanager 0.787401574803 libmono-cairo2.0-cil libmono-sqlite2.0-cil 0. 0. 0. x11proto-xext-dev debian-el 0. libxmlsec1-dev 0. 0. 0. l 0. libhtml-table-perl 0. ail-perl 0. 0. 0. libbonobo2-common texlive-music 2.09973753281 musixlyr kdelibs-data libarts1c2a 0. 0. kooka 3.69609856263 0. kfaxview libdatetime-format-w 0. 0. 0.787401574803 0.787401574803 flowscan 0. 0. 2.51572327044 0. banshee lationship-perl tuxpaint openoffice.org-math foomatic-db-engine 1.02669404517 reportbug liborbit2cpp-dev 0. qt3-dev-tools 2.35849056604 libnet-patricia-perl dpkg-dev-el 0. 0.157232704403 libgnomevfs2-0 libavahi-glib1 0. 0. libclass-dbi-sqlite-per 0. kgamma libfeed-find-perl libdatetime-format-m kolourpaint erl 3.69609856263 0. 0. 0. maxima-src 0. 0.157232704403 0.943396226415 0.787401574803 0. 0. asterisk-sounds-main 0. xtrans-dev kdewallpapers libxmlsec1-nss 0. knewsticker gnome-bin libbonobo2-0 parted 0. libdigest-perl x11proto-input-dev 0. libclass-dbi-loader-re 0. ult 0. 0. 0. 0. kdelibs4c2a 2.87474332649 kcharselect 0. 0. 0. maxima-share 0. 0. 0. libfile-desktopentry-p 0. 0. 0. libffcall1 0. libxml-feed-perl 0. 0.787401574803 kdessh 2.35849056604 gnome-libs-data libobjc1 libgnomesupport0 dia-gnome tuxpaint-data 0. 2.20125786164 0. 0. libboulder-perl superkaramba 0. 0. 0. flowscan-cuflow abiword-gnome libx11-dev 0. libmaypole-perl 0. 1.02669404517 tuxpaint-stamps-defa 0. slice2vb 0. 0. x11proto-kb-dev liblua50 maxima-test 4.34782608696 liblualib50 kiconedit libfile-basedir-perl 0. 0. 0. 0. 0. 0.153609831029 0. 0. 0. 0. 0. 0. 0. perl shared-mime-info 0. slice2py 0. v 0. slice2cpp libdbi-perl kdf 3.26086956522 0. 0. capplets-data 0. 0. libgnustep-base1.13 libgnumail-java 0. 0. 0. kdeutils 0. 0. dmidecode 0. rl boo 0. 0. 0. 0. 0. 0. 0. 0. python-pyasn1 0. e pe-perl 0. n 0. 2.86885245902 libxklavier10 r 0. gnome-desktop-data libxml-atom-perl 0. libcflow-perl gnome-office 3.26086956522 0. 0. 2.24719101124 0. -cil libgnome32 liblwp-authen-wsse- libgnomeui32 libconfigreader-perl libfile-mimeinfo-perl libjessie-java libgnujaf-java kwalletmanager libjinglexmllite0.3-de 0. 4.7619047619 slice2cs 0. 0. 0. slice2java kfloppy 0. 0. 0. 0. 0. libsmi2-common 0. 2.17391304348 0. 0. laptop-detect ice-translators 0. 0. 0. libclass-dbi-asform-pe gnustep-common libplrpc-perl 3.7037037037 0.689655172414 gnome-mime-data 0. 0. libclass-dbi-plugin-ty gnustep-base-runtim 4. 0. 0. 1.02459016393 0. libgnomevfs2-commo 0. libnet-daemon-perl kgpg gnome-control-cente 0. ktimer xemacs21-bin libmono-sharpzip0.6 4.34782608696 0. 0. n 0. 0. 0. 0. 0. 0. 0. 0. 4.49438202247 4.7619047619 1.05263157895 g++-3.3 libjinglep2p0.3-dev libgnorba27 4.7619047619 libjinglexmpp0.3-dev tasksel-data rt python-pysnmp4 libgnorbagtk0 education-tasks 4. libgsf0.0-cil slice2freezej slice2docbook 0. 0. 0. 0. 0. 0. 0. eog 0. libbcmail-java 0. libgnuinet-java 0. 0. 0. libatk1.0-0 0. ocaml-report r-cran-vgam 4. 0. 0. 0. python-dispatch gnustep-base-commo 0. gnome-menus python-gmenu slice2freeze 4.34782608696 liblucene-java-doc libxtrap6 0. beagle kjots bug-buddy 0. 0. libkokyu5.4.7c2a python-protocols 0. xemacs21-support libcairo2-dev 0. ocamlcvs 0. 0. ocaml-dbforge 0. libgtk2.0-common xemacs21-basesuppo gnome-session 0. 0. 0. 0. python-simplejson perl gcc-3.3 cpp-3.3 0. 0. 0. libxss1 4. kmoon 0.222593210907 0. python-pastedeploy 0. 0. libjinglebase0.3-dev libgnucrypto-java r-cran-mcmcpack 0. tasksel liblucene-java inkscape aptitude cameleon libatk1.0-dev 0. 0. 0. libgtk2.0-0 0. libacexml5.4.7c2a gnome-core 0.367647058824 0. kodo 4.54545454545 kdetoys 4.6568627451 python-paste 0. python-turbojson a 0. 0. 0. r-cran-zelig xemacs21 libxml-handler-trees- 0. libacl1 0. 0. 3.44827586207 libattr1 0. libkcal2-dev 0. 0. libgnome2-ruby xbase-clients v libmono-peapi2.0-cil 0.186081131373 v libavahi-client3 0. il 4.54545454545 libxmuu1 0.735294117647 1.6694490818 1.6694490818 libgtk2.0-dev 0. eclipse-platform 0. 0. libstdc++5-3.3-dev ild2.0-cil 0. 0. libjsch-java 3.6036036036 0. 0.447816892648 0. 0. 0. 0. 0.273665878841 0.735294117647 0. 4.54545454545 libtao-orbsvcs1.4.7c2 y 0. v a 0. 0. kteatime coreutils 3.79901960784 1.19352088662 1.10826939471 0. libpango1.0-0 fifteenapplet python-pastescript 0. gnome-terminal libdata-optlist-perl python-sqlobject libgnomeprint-bin 4.10284463895 gfortran libxml-light-ocaml-de libpango1.0-common libcameleon-ocaml-de gnuift gnome-terminal-data libmono-relaxng1.0-c python-formencode python-mpi libace-ssl5.4.7c2a libpango1.0-dev 0. paste-common libxkbfile1 gnuift-perl libyaml-ruby 0. libcairo2 0. libfs6 0. 0. 0. 0. 0. 1.46784425924 1.49272297549 0. 0. 0. libmono-microsoft-bu libart2-ruby 0. libktnef1-dev 0. 0.0842459983151 libihelp-ruby1.8 libavahi-common3 0. 0. libgnomecanvas2-rub libkpimexchange1-de libavahi-common-dat libggi2 libsepol1 mono-gmcs libselinux1 0. proll libiconv-ruby 0. 0. 0. 0. luola libkcal2b libecpg-compat2 0. 0. 0. 0. libmono-peapi1.0-cil ktux 0.0367782272894 4. 4. 0. eyesapplet 0. 0. 0. gfortran-4.1 libsub-install-perl libgnomeprint15 0. python-netcdf 0. libsub-exporter-perl libgnomeprint-data libgfortran1-dev python-scientific 0. ri 0. mono-mcs dnsdoctor 0. 0. ri1.8 2.27272727273 openhackware 0. 0. 0. libgii1 0. 0. amor libktnef1 libecpg5 libgii1-target-x luola-data libkdepim1a libpgtypes2 luola-levels kweather qemu 2.27272727273 0.

Figure 8: Strong dominance graph for Debian 4.0.

Mancoosi D5.1 Strong Dependencies between Software Components page 25 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI

Figure 9: The Figure shows the cluster of packages associated to the KDE suite in the strong dominator graph for Debian Sarge. We can immediately spot the package kde-amusements, that is partially overlapping kde-games and kdeedu: this is an architectural issue, that has been ﬁxed in later Debian versions.

Mancoosi D5.1 Strong Dependencies between Software Components page 26 of 27 FP7-ICT-2007-1 STREP project April 21st, 2009 MANCOOSI d-java jsvc pocketpc-gas pocketpc-binutils b 0. bulmacont libxalan2-java-gcj libooolib-perl kdelibs-bin 0. libswt3.2-gtk-java ual 0. 0. r-cran-rpart kmousetool 0. 0. libmowgli-dev libgtkglext1-ruby 0. 0. 0. libcommons-io-java il 0. kfilereplace libnet-cidr-perl 0. 4.7619047619 libfile-basedir-perl libcommons-fileuploa 0. 0. kmag quanta kmouth libxmltv-perl 0. 0. 4.7619047619 sendmail-bin -java 0. 0. 0. 0. libmcs-dev courier-authlib-userd 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. gtk-sharp2-examples 0. pocketpc-gcc libsoprano4 0. 0. 0. kdelibs5-data monodoc-gtk2.0-man r-cran-kernsmooth 0. 4.7619047619 eclipse-rcp erl 0. 0. libio-multiplex-perl libtext-bidi-perl 0. 0. libace-tkreactor-dev 0. 0. libmono-mozilla0.2-c libjaxp1.3-java-gcj libxerces2-java-gcj libswt3.2-gtk-jni 0. tomcat5.5 0. cupsddk 0. 0. 0. 2.0-cil 0. 4.7619047619 ksayit 0. kdewebdev 0. libparsifal-dev kbstate 0. 0. 0. libopengl-ruby bulmacont-plugins 0. 0. libsuperlu3-dev 0. sendmail-cf libcommons-daemon 0. libgtkglext1-ruby1.8 0. kimagemapeditor sendmail-base courier-authdaemon audacious-dev kdeaccessibility 0. kdelibs5 dev 0. gnumed-doc 0. 0. 0. libstruts1.2-java quanta-data 0. r-recommended libgnorba27 libfile-mimeinfo-perl 0. nder-data 0. 0. libfile-desktopentry-p 0. gtk-sharp2 libnet-server-perl tk 0. 0. 0. courier-base tk-dev 0. libmono-accessibility 0. xmltv-util hpijs 0. 0. klinkstatus 0. 0. r-cran-foreign rent-perl 0. -cil sendmail r-java 0. python-enchant e-perl librose-object-perl gnumed-common 0. cupsddk-drivers librose-datetime-perl plugins 0. 0. 0. kgpg x11proto-composite- 0. 0. s-perl libgnorbagtk0 libsvn-simple-perl gnome-libs-data kfloppy 0. libsidl-dev 0. python-gnome2-dev 0. 0. 0. 0. 0. 1.88679245283 libhypre-dev kdemultimedia-kappfi 0. 0. 0. klines 0. 0. kjots 0. 0. 0. 0. 0. kmahjongg 0. 0. kdf 0. libsvn-mirror-perl sasl2-bin 0. libhttp-cache-transpa klickety 0. 0. libcommons-validato libmono-winforms2.0 gnumed-client kmines libgtk2.0-dev top-dev 0. 0. libalgorithm-annotat r-cran-codetools 0. sensible-mda 0. kdemultimedia-kfile- libatk1.0-dev 0. 0. 0. 0. libclass-makemethod php-crypt-cbc 0. 0. 0. 1.88679245283 0. 0. 0. librose-db-perl sbox-dtc 0. 0. 0. 0. knetwalk libpetsc2.3.3-dev 0. 0. pocketpc-sdk fretsonfire-game kaudiocreator 0. 0. 0. 0. kjumpingcube kxsldbg 0. kttsd 0. kdeutils 0. 0. libgraph-perl ktimer 0. libclass-base-perl 0. 0. gnome-bin libxcomposite-dev libgnome32 kdessh ncftp 0. 0. python-gnome2-desk python-ooolib 0. 0. 0. python-pyorbit-dev python-rtfcomp 0. 0. 0. 0. 0. 0. 1.88679245283 kdemultimedia 0. 0. 0. 0. konquest 0. etcinsvk 0. svk 0. 0. 0. 0. 0. 0. toid 0. kgoldrunner 0. juk 0. 0. python-rra 0. libspooles-dev ql-mysql 0. -perl libsuitesparse-dev ysql-perl 1.88679245283 0. 0. libarts1-audiofile 0. 0. 0. kpat 0. dtc-common kcharselect 0. 0. ttf-mgopen kwalletmanager 0. chrootuid libsql-translator-perl 0. 0. libgnomeui32 libxdamage-dev 0. fretsonfire-songs-sec kfouleggs libgnomesupport0 gtk-sharp2-gapi gnome-core-devel 0. 0. 0. 0. libapache2-mod-log-s libsql-reservedwords 0. 0. libdatetime-format-m kpoker l v synce-sync-engine 0. python-rapi2 0. 0. 0. 0. 0. apt-cross libpcp-trace2 libpcp-pmda3 kmoon 0. libclone-pp-perl 0. 0. binutils-multiarch libtime-clock-perl kodo python-gnuplot type-handling 0. 0. 0. kenolaba 0. 0. 0. 0. tasksel 0. 0. libapp-cli-perl 0. 0. libdata-hierarchy-per x11proto-damage-de tasksel-data 0. 0. 0. superkaramba kreversi 0. pcp 0. 0. 0. 0. asterisk-config fifteenapplet 0. classpath-common 0. wer 0. 0. 0. kteatime 0. 0. -plugin 2.7397260274 sisu-postgresql 0. erl 2.7397260274 liburi-template-perl 0. bacula-console 0. 0. 0. 0. 0. 0. 0. 0. kdetoys 0. aptitude 0. 0. as perl 0. 0. ksame 0. 0. plugin 0. 0. 0. claws-mail-html2-vie dpkg-cross g-perl -perl 0. 0. 0. asterisk ktux kdegames-card-data 0. perl ifier claws-mail-mailmbox libarts1-xine eyesapplet 2.63157894737 0. classpath pike7.6-manual libterm-progressbar-p 0. 0. 0. 0. 0. kdegames libdbd-pg-ruby opensaml2-schemas libdbd-pg-ruby1.8 0. facter 0. libcwidget3 libwww-opensearch- webalizer shibboleth-sp2-schem 0. libmkdoc-xml-perl 0. bacula-client claws-mail-fetchinfo- 0. 0. 0. amor 0. 0. kshisen 0. kweather libdatetime-format-p libperlio-via-dynamic matchbox-desktop 0. 0. matchbox-keyboard libgraphviz-perl claws-mail-multi-not libperlio-via-symlink- 0. 0. 0. 0. 0. 0. 0. 0. emdebian-rootfs libgnome-speech-dev der 0. kbounce 0. 0. libshadow-ruby1.8 sysv-rc-conf 0. 0. pike7.6-doc 0. libshibsp1 0. 0. libgweather-dev libpetal-perl plugin ksirtet asterisk-sounds-main kstars classpath-gtkpeer libpetal-utils-perl 0. 0. libxml-feed-perl libfeed-find-perl jarwrapper 0. bacula-fd puppet matchbox 0. pgf i libuniversal-can-perl 0. claws-mail-feeds-rea 0. libgail-gnome-dev 0. 0. 0. 0. 0. libio-digest-perl ecj-gcj libperlio-eol-perl -openvz-686 0. kworldclock matchbox-panel liboobs-1-dev 0. matchbox-common 0. kblackbox 0. 0. python-qt-dev libatspi-dev 0. 0. indi 0. 0. 0. 0. claws-mail-newmail- 0. 0. libvte-dev kstars-data tised-perl 0. 0. ksmiletris debian-edu-config 0. 0. 0. 0. salliere 0. libtotem-plparser-dev 0. 0. gambas2-gb-form-md lxde-settings-daemon libarts1c2a 0. 0. 0. er rl 0. log 0. latex-xcolor pike7.6-reference 0. latex-beamer linux-image-2.6.26-1 0. 3.26086956522 0. pykdeextensions 0. ecj libsearchclient-dev 0. lxde-common 0. 0. kdeedu libartsc0 0. kbattleship 0. libecj-java-gcj 0. 0.679347826087 libclass-c3-componen 0. 0. ksnake 0. 0. 0. 0.82304526749 0. claws-mail-cache-sav v libtest-mockobject-pe oss-compat ped-perl 0. erl 0. 0. 0. gambas2-gb-form-dia libxklavier12-dev kde-guidance 0. libcsv-java 0. 4.11522633745 lxde-core gins 0. 0. 0. claws-mail-perl-filter 0. gambas2-ide 0. vzctl 0. 0. 0. 1.50891632373 vzquota ksokoban yring kdelibs4c2a 0. kbackgammon edos-debcheck 0. libstreams-dev 0. chemical-mime-data ager libstreamanalyzer-de java-gcj-compat-dev guidance-backends libcrypt-rijndael-perl 0. libclass-accessor-grou 0. libdebian-dpkgcross-p bodr 0.137174211248 0. rner claws-mail-extra-plu xblast-tnt-images pcmanfm katomic lxsession-lite 0. kspaceduel 1.78326474623 0. libsary-ruby1.8 libgnomekbd-dev libcache-apt-perl 0. xmltooling-schemas 0. libgnomekbdui-dev libsuikyo-ruby1.8 libdbix-class-perl 2.19478737997 emdebian-archive-ke kdelibs-data tftp gin 1.92043895748 0. ktron 0. 0. 0. kasteroids libhighgui-dev matchbox-panel-man lskat gambas2-gb-desktop resolvconf libuniversal-isa-perl libgettext-ruby-util ktuberling libgcu0 0. 0. debian-edu-artwork liblualib50 0. ttf-unifont 0. libdata-entropy-perl claws-mail-attach-wa menu-xdg 0.134589502019 0. 0. liblua50 0.137174211248 0. prime debian-el 0. l cl-url-rewrite 0. xblast-tnt claws-mail-smime-plu 0. 0. 0. 0. e 0. libreadonly-xs-perl libtasn1-3 rl 0. libcv-dev xscreensaver libcvaux-dev 0. 0. cl-rfc2388 0. 0. geekast-binary 0. libcojets2-dev 0. 0. 0. kdesdk-kfile-plugins kdesdk-misc libcojets2-gfortran unifont libdata-integer-perl 0. libscalar-number-per reportbug 0. 0. 0. dpkg-dev-el mover kwin4 0. 0. 0. 0. libpod-spell-perl 0. ort libstring-format-perl gnustep-base-runtim 0. 0. 0. libgnutls26 0. y1.8 0. 0. libemdebian-tools-pe 0. libfilesys-df-perl libavahi-qt3-1 0. kcachegrind hunchentoot 6-preferences cl-fad 0. 0. 0. stractcount-perl libzzip-dev 0. 0. n 3.44827586207 1.14942528736 rl 0. 0. 3.30225330225 2.85547785548 xblast-tnt-models kdesdk-scripts claws-mail-attach-re 0. 0. libglib2-ruby 0. 0. claws-mail-spam-rep libperl-critic-perl cernlib-montecarlo 0. 0. 0. 0. 0. libgstreamer0.10-rub 0. libgcrypt11 0. 0. 0.434290030211 xfonts-unifont libgpg-error0 0. 0. 0. phpgroupware-0.9.1 2.24719101124 0. 0. cl-chunga rl lugin gin 0. libclass-dbi-plugin-ab libdata-float-perl 0. libgnustep-base1.16 kbugbuster y 6-setup 6-admin gnustep-base-commo libparams-classify-pe 0. 0. prime-dict cl-base64 0. 0. 0. python-daap python-gpod 0. 0. kdesdk 0. kmtrace 0. libogre-dev 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. r er 0. 0. 0. 0. 0. rl 0. 0. libgnome2-canvas-pe claws-mail-archiver-p claws-mail-synce-plu ger-perl phpgroupware-0.9.1 phpgroupware-0.9.1 libgstreamer0.10-rub 0. 0. 0. 0. 0. 0. busybox 0. 0. an libxxf86misc1 kspy liblucene-java-doc 0. elisa-plugins-bad 0. 0. 0. 0. 0. 0. 0. kapptemplate 0. 0. claws-mail-tnef-parse 0. claws-mail-acpi-notifi 0. 0. libxtrap6 0. 0. gucharmap 0. libclass-dbi-plugin-pe libgtk2.0-bin 0. 0. 0. 0. 0. 0. libclass-dbi-plugin-pa 0. 0. libdatetime-perl liblucene-java 0. 0. libfreeimage-dev 0. 4.14572864322 0. 0. python-louie python-axiom libherwig59-2-gfortr 0. 0. kuiviewer 0. poxml 0. 0. 0. 0. 0. 0. 0. 0. 0.376884422111 libgnome2-perl perltidy live-initramfs n 0. 0. 2.27272727273 libaa1-dev l 0. cervisia -perl kunittest 6-core-base montecarlo-data x11-xserver-utils eclipse-platform ronment s 0. 0. 0. 0. libherwig59-2-dev 0. 0. 0. -plugin 0. cl-closer-mop phpgroupware 2.22222222222 kalzium-data 0. 0. libisajet758-3-gfortra libxcb-atom0-dev 0. 0. 0. libclass-singleton-per 0. 0. 0. knetworkconf phpgroupware-0.9.1 libdatetime-timezone zope-externaleditor python-tagpy kwordquiz python-epsilon gnome-desktop-envi user-setup 0. 0. kdeadmin-kfile-plugin kalzium libggi2-dev montecarlo-base erl 0. 6-phpgwapi 0. claws-mail-vcalendar python-turbojson 0. libisajet758-3-dev libgnome2-vfs-perl cl-contextl 0. cl-lw-compat 0. umbrello poppler-utils kfind 0. 0. 0. ran 0. n kanagram kvoctrain libphtools2-dev 0. libxcb-icccm0-dev 0. kpackage 0. -perl kdat nagios3 python-coherence libpdflib804-2-dev 0. kdesktop 0. 0. 0. 0. 0. libemail-messageid-p kdeadmin phpgroupware-0.9.1 0. 0. kbruch libecpg-compat3 0. 0. 0. libphtools2-gfortran kverbos python-dispatch 0. 0. zope-plone3 libgii1-dev 0. libphotos202-1-gfort 0. libphotos202-dev er-perl libpdflib804-2-gfortra python-turbogears 0. liblingua-stem-perl python-cherrypy 0. liblingua-pt-stemmer kcron ksysv 0. scantv kturtle konqueror 0. kdeedu-data 0. 0. libgsl-ruby pia nagios3-doc 0. libxcb-event0-dev libloader-java libxcb-property0-dev libecpg6 0. nagios3-common ktouch dzedit 0. perl libpgtypes3 libsub-identify-perl keduca 0. nypatchy 0. 0. 0. libemail-mime-modifi 0. 0. python-protocols 0. 0. 0. libeurodec1-dev 0. kpercentage 0. xawtv 0. kgeography-data 0. python-pyasn1 all-da-perl n-perl 0. perl kmplot libjakarta-poi-java kgeography plotutils 0. kig 0. klettres khangman libgsl-ruby1.8 libuniversal-moniker- kiten klatin 0. 0. libmoose-perl 0. klettres-data 0. libclass-mop-perl 0. 0. ttype-perl 0. 0. 0. 3.15229775921 libsmi2-common libxine1-console libx11-data 0. 0. 0. libxine1-misc-plugins cernlib-core-dev 0. libsnowball-norwegia liblingua-stem-snowb 0. 0. 0. libgdbm3 0. 0. libeurodec1-gfortran 0. libflute-1.3-jfree-java kleopatra perl-modules libemail-mime-perl 0. kuser 2.27272727273 4.54545454545 0. 3.15229775921 libclass-dbi-perl 0. 0. ttf-sjfonts 0. libemail-mime-conten 0. libx11-6 weechat konqueror-nsplugins libsub-name-perl python-turbokid python-pysnmp4 0. kmenuedit gpgsm 0. libxine1 0. 0. 0. 0. 1.29986553115 1.49409831167 0. 0. libkcal2b 0. 0. 0. 0. gnupg-agent 0. 0. 0. blinken 0. 0. libxau6 kpager perl libxdmcp6 0. 0. 0. 0. ch-perl klipper 2.12765957447 0. 0. 1.2550425818 0. liblayout-java 0.0298819662334 0. 0. 0. 0. kdebase weechat-curses 1.26941457587 0. libktnef1 0.236023012244 weechat-common 0. 1.46356033453 libkdepim1a libima-dbi-perl gnupg2 0. kuipc libtext-german-perl bogofilter 0. 0.0442543147957 0. libsnowball-swedish- 0. 2.12765957447 dirmngr 0. libdbix-contextualfet 0. libxcb1 2.27272727273 paw-common 1.22461170848 libxcb-xlib0 0. -flow-engine-java 0. 0. 0. 0. kpersonalizer kdeprint 0. 0. paw 0. paw-demos 0. -java 0. kdepim 0. gtk mimetex 0. 0. 0. 0. libplucene-perl 0. 0. 0. 0. 0. 0. libpentaho-reporting cernlib-core 0. ksmserver kdepasswd 0. 0. bogofilter-bdb libgnomecups1.0-1 0. 0. 0. luola 0. vino libjcommon-serializer 0. alacarte claws-mail-bogofilter 0. software-properties- 0. libxine1-x libbonobo2-0 0. moodle rl 0. 0. -perl 0. libxml-java 0. 0. kxterm paw++ 0. 0. 0. 0.552486187845 0. xfce4-utils vinagre 0. cheese libzeroc-ice-java libbonoboui2-0 4.36241610738 libfonts-java luola-data luola-levels a yui ktip libxml-security-c-dev 0. 0. cbios perl 0. 0. libtie-array-sorted-pe libbit-vector-minimal -perl 0. 0. envpn 4.36241610738 libgnome2-0 0. 0. n arts libbonobo2-common 0. libgnomeprint2.2-0 0.378071833648 update-manager 0. kget libjgoodies-forms-jav 0. desktop-base libxalan110-dev swfdec-gnome 0. libxmltooling-dev 0. libxml-handler-trees- xfdesktop4 gretl-common 0. knewsticker libhash-withdefaults multipath-tools 0. network-manager-op openmsx 0.378071833648 libgnomeui-0 0. kdnssd capplets-data icegrid-gui python-twisted-lore 0. 0. 0. 0. 0. libbonoboui2-commo 0. 0. python-twisted-bin 0. 0. 0. 0. 0. 0. a kpf kde-core 0. 0. libhash-case-perl 0. 0. 0. libgda3-sqlite 0. 0. 0. sound-juicer 0. 0. gretl 0. ncurses-bin 0. 0. gnuift gcj-4.2 0. libgnome2-common libclass-virtual-perl gins gnuift-perl 0. dmz-cursor-theme r 0. 0. kpartx 0. 0. 0. 1.35135135135 0. 0. 0. 0. 0. openvpn 0. 0. 0. kppp 0. -api-java libsaml2-dev libgnomeprint2.2-dat update-manager-core 0. multipath-tools-boot openvpn-blacklist xfdesktop4-data liblog4cpp5-dev libformula-java openmsx-data kdenetwork kdelibs let seahorse 0. python-twisted 0. libwnck-common libconfig-inihash-perl libgnomeui-common -perl kdenetwork-kfile-plu libgcj8-jar libgcj8-dev 0. libgretl1 gnome-control-cente 0. kfaxview kfax 0. 0. lsb-base 0. courier-pop -java krdc torcs-data-cars python-twisted-core libgnomedb3-4 0. libdata-visitor-perl libplexus-component rl 0. 0. alien fast-user-switch-app kgamma gnome-utils kdvi 0. 0. bulmafact-plugins courier-pop-ssl 0. 0. 0. ail-perl s 0. 3.71713508613 0. krfb libstring-koremutake dcoprss 0. 0. 0. erl libtasn1-3-dev sed libegroupwise1.2-13 0. 0. 4.05405405405 0. libplexus-classworlds python-selinux file-roller python-semanage libwnck22 on 0. libpacklib-lesstif1-dev libfontconfig1-dev 0. 0. 3 n 0. libole-storage-lite-pe 0. libtest-use-ok-perl gins lsb-core 0. kiconedit 0. 0. y-api-java torcs-data gnome-user-guide 0. 0. dtc-postfix-courier 0. python-twisted-new 0. powermgmt-base libdatetime-format-m gcalctool 0. 0. libsort-versions-perl 0. gnome-about 0. 0. 0. 0. 4.34782608696 0. 4.9504950495 libtie-toobject-perl l libproc-background-p libgnutls-dev 0. r-perl 0. 0. r ggable-perl libsmbios2 postgresql-contrib 4.23728813559 erl gnome-settings-daem libgnomedb3-commo python-zopeinterface postgresql-contrib-8. kdegraphics libxres1 0. 0. 0. 0. gnome-themes pax kdegraphics-kfile-plu 0. 4.16666666667 gconf-editor korn libplexus-interactivit 3.01204819277 policycoreutils libxft-dev courier-imap 0. 1.80722891566 0. libdevel-ebug-perl pm-utils kolourpaint 0. excel-perl courier-authlib-mysq 0. libobject-realize-late libwagon-java evolution-data-serve or knode courier-imap-ssl 0. 0. r-cran-mcmcpack 0. libpoe-component-plu -java let 1.17647058824 libcatalyst-modules-p python-antlr 4.34782608696 es-perl libpawlib-lesstif3-dev torcs-data-tracks libgcrypt11-dev libgpg-error-dev 0. kwifimanager gnome-system-tools proll 4.66101694915 gnome-panel 0. gnome-backgrounds 2.17391304348 libxml-rss-perl kmailcvt libconvert-tnef-perl 0. 0. hal akregator 0. libosgcal0 0. 0. kcoloredit er in kooka 0. libwsdl4j-java 0. 0. libspreadsheet-parse evolution-common 4.34782608696 0. libgnomevfs2-0 0. 0. 0. 0. gnome-system-monit r-cran-zelig 0. libcommons-openpgp proftpd-mod-ldap libxrender-dev r-cran-matchit openhackware gnome-netstatus-app networkstatus 0. 0. kdepim-wizards kandy libparse-cpan-packag 0. kruler 0. kamera karm gnome-nettool 0. 0. pike7.6-image 0. gnome-screensaver 0. 0. 0. -perl lationship-perl earch-perl kdepim-kfile-plugins n 0.150602409639 python-matplotlib qemu python-excelerator libmail-box-perl 0. 4.1095890411 libstlport4.6ldbl postfix-mysql gnome-network-adm gnome-power-manag erl libxbae-dev 1.31578947368 0. 0. 0. 0. 0. proftpd-basic 0. 0.403225806452 0. 3cdtf-perl libjtidy-java l 0. proftpd-mod-mysql libosgcal-dev libgdata-google1.2-1 pike7.6 0. 2.7397260274 amavisd-new gnome-panel-data libcommons-net-java 0. evolution r-cran-vgam libaxis-java libhyphen0 port-perl 0. 0. caudium-modules 0.15037593985 erl proftpd knewsticker-scripts 0. libts-0.0-0 gnome-mime-data 0. excel-perl libclass-dbi-loader-re libpoe-component-irc 0. libclass-dbi-abstracts ta -perl 4. libgnomevfs2-commo 3.57142857143 0. 0. 0. 0. openbios-sparc libnews-nntpclient-p rt3.6-apache2 chemeq ktnef units-filter 1.19047619048 0. 0. libsysfs2 on 2.7397260274 libdatetime-format-w libclass-dbi-pager-per python-minimal 0. x11proto-render-dev 0. 0. python-sepolgen libcss-squish-perl 0. 1.3698630137 0. ksnapshot 0. 4.1095890411 libmodule-versions-re gcc-4.3-base zzy-perl -perl 0.114810562572 libcgi-untaint-email-p libconfig-any-perl libspreadsheet-write y-java ss libcairo-ruby1.8 3.61653272101 libcpan-distnameinfo python-matplotlib-da a libuser-identity-perl openoffice.org-core 2.7397260274 libgnomevfs2-bin libcal3d12-dev libgdata1.2-1 gtkhtml3.14 4.2194092827 libostyle1c2 wims 0. rl erl 0.0422297297297 trieveall-perl kdeaddons pike7.6-pcre libneon27-dev pike7.6-gdbm kdeartwork-theme-ic 0. 0. 0. 0.00496845034034 5. 0. python 0. libconvert-uulib-perl 0.00496845034034 kdeartwork-style libdirectfb-1.0-0 libc6 libgcc1 encoding-perl libdbix-searchbuilder liblocale-maketext-fu 2.7397260274 1.3698630137 python2.5-minimal libatk1-ruby1.8 0. rl 4.22297297297 rl 0. 0. libcommons-discover openjdk-6-jre-headle libganymed-ssh2-jav 0. libpoe-filter-ircd-perl 0. sgml2x 0. openjade caudium hal-info 0. 0. 0. indow libclass-throwable-pe 0. libclass-dbi-plugin-re libtest-mockmodule-p 0. 0.0810372771475 0. 4.18074324324 erl 0. libpango1-ruby1.8 0. 0. 0. libtemplate-provider- oxy libroot5.18 0. 0. 0. librpm-dev python2.5 libhtml-prototype-pe v eue libcatalyst-view-tt-pe 0. 0. kdeartwork 2.63157894737 ime1.0-cil libxcb-render0-dev 0. 0. kdeartwork-misc 0. 0. lp-solve 0. 0. 0. 0. 1.73410404624 kdeartwork-theme-w 2.63157894737 konq-plugins 0. 0. 1.86385737439 openjdk-6-jre-lib r-cran-gplots 0. openoffice.org-calc 0. libpthread-stubs0 libobject-signature-p 0. 0. libaccess-bridge-java 0. proftpd-mod-pgsql 0. libdb4.5 4.54545454545 python-egenix-mxpr libpixman-1-dev 0. 0. rl 0. 0. 0. libxcb-render-util0-de s python-egenix-mxqu v il libmono-system-runt wims-modules libgtk2-ruby1.8 3.57142857143 0. libxcomposite1 0. 0. 0. root-plugin-proof 1.74418604651 0. 0. ebase root-system-common 4.54545454545 r-cran-gtools libbeecrypt6-dev 1.78571428571 r-cran-gmodels atlantikdesigner 0. kicker-applets ck libxau-dev 0. 1.16279069767 0. 0. librsvg2-bin python-json libphp-pclzip kdewallpapers 2.97619047619 0. openoffice.org libtemplate-timer-pe v cmake libdc1394-22-dev kdeartwork-emoticon ins slice2cppe libxdamage1 libkeyutils1 libpthread-stubs0-de 0. libmono-relaxng1.0-c 0. 0. libgtk2.0-common 0. 0. se-dbg 2.26345083488 peercast-geekast automoc 0. 0. s libcairo2-dev 0. 0. 0. 0. 0. 0. libpango1.0-dev python-egenix-mxbe r-cran-gdata noatun-plugins 1.0101010101 1.78571428571 1.85528756957 0. python-hippocanvas libmaypole-perl 0. python-egenix-mxsta docvert libgtk2.0-0 libjinglexmllite0.3-de 0. lify-perl 0. loader-perl 0.116121540546 mono-1.0-devel kdeaddons-kfile-plug 0. 0. icons-classic icons-square 0. 0. 0. libxcb1-dev 0. request-tracker3.6 0. 0. kate-plugins libkrb53 python-egenix-mx-ba 0. 0. 1.39720558882 0. 0. 0. peercast 0. kaddressbook-plugin 2latex 1.74418604651 musixtex-slurps 4.6511627907 erl peercast-servent libavcodec-dev kdelibs5-dev obiledev 3.57142857143 icee-translators libxdmcp-dev 0. 2.41935483871 0. libsoprano-dev bicyclerepair se-dev 2.63157894737 libpoe-component-ss libdbix-class-schema- 0. 2.22222222222 musixtex 0. 0. 0. 1.54828720728 python-sugar-toolkit libmono-peapi1.0-cil 0. 0. 0. openstreetmap-map- openstreetmap-map- kscreensaver libjinglep2p0.3-dev nbd-client 2.0-cil 0. libjinglexmpp0.3-dev 0. 0. console-setup rt3.6-clients 0. -dev 0. 4.6511627907 0. 4.16666666667 libdate-simple-perl libhtml-format-perl 0. ber-perl 2.32558139535 0. openoffice.org-writer libcgi-untaint-date-p liblualib50-dev 0. findutils ean 0.185528756957 libcomerr2 libmpeg3-dev 0. 0. 0. gconf2-common ksig libdirectfb-extra openoffice.org-filter-m python-egenix-mxuid libxcb-render0 eric 0. 0. libxmlada-dev 1.74418604651 3.57142857143 python-egenix-mx-ba ev 0.16501650165 x11proto-core-dev libsox-fmt-flac texlive-music libphonon-dev gpsdrive libgsm1-dev libsox-fmt-gsm slice2javae 0. 0. musixlyr libmono-system-data 0. 0. 0. ev cil libghc6-happs-server s-dev 2.7027027027 libpoe-component-jab libxcb-render-util0 libjinglebase0.3-dev openoffice.org-math initramfs-tools libfont-afm-perl 0. 4.52674897119 2.82485875706 openoffice.org-officeb php5-tidy 4.22535211268 0. 0. libgconf2-4 0.198150594452 ltsp-client-core 0. 0. 0. 0. 2.84090909091 0. 0. 3.37423312883 4.22535211268 .8 libtemplates-parser-d libmono2.0-cil liblua50-dev libatk1.0-0 0.0330250990753 l libattr1-dev 2.7808676307 libcairo2 3.20381731425 libmono-data-tds2.0- libghc6-happs-ixset-d 0.411522633745 libavahi-client3 0. 0. r-cran-fseries libsox-fmt-mp3 0. 0. libsox-fmt-ffmpeg libmpeg3-1 libsysfs-dev libghc6-syb-with-clas 2.11345939933 0. emental-perl 0. 2.94117647059 python-qscintilla2 libklibc libidl0 libaws-dev 3.16973415133 klibc-utils liborbit2 0. 0. 4.16666666667 0. 0.568181818182 0.409836065574 0. libboulder-perl 0.652883569097 3.30250990753 libpixman-1-0 0. -java 0. 0. libarts1-dev 2.5641025641 kdelibs4-dev 0. 0. 0. 2.84090909091 a libpango1.0-0 0. r-cran-fbasics libsox-fmt-all libgdk-pixbuf2-ruby1 l 0.862068965517 0. r-cran-futilities 0. libdirectfb-dev 0. 0. 0.800492610837 libfilter-template-per lua50 erl 0. 0. 0. factory-perl 0. 0. 4.22535211268 lsdvd 2.94117647059 4.16666666667 flowscan libacl1-dev libxml-sax-expat-incr 0. 0. 0. -java v 0. ev ttf-liberation 0. 0. 0. 0. libconfigreader-perl 4-cil 0. x11proto-input-dev 0. 0. 0. 0. 0. 0.0610500610501 0. libqt3-headers libcommons-launcher libsox-fmt-ao libsox-fmt-ogg libavahi-common3 a 0. freevo-data 4.22535211268 libavahi-common-dat python-egenix-mxur 0. 0. 0. 0. libtext-simpletable-p 0. 0. libtree-simple-visitor 0. libpango1.0-common 0. 0. 0. 0. freevo 0. 0.340831629175 libmng-dev 0. qt3-dev-tools libcommons-el-java 0. libcommons-modeler libghc6-happs-util-de 0. libxcb-xlib0-dev libmono-sqlite2.0-cil libghc6-happs-data-d 0. x11proto-kb-dev tftp-hpa r-cran-runit 1.07991360691 0. 0. libmono-sharpzip2.8 0. 0. 0. 2.08333333333 0. 0. r-cran-robustbase 0. erl 0. 0. 0.40899795501 0. libplexus-velocity-jav 2.0-cil 0. 0. libsox-fmt-oss 0. libsox-fmt-alsa 0.340831629175 libpoe-filter-xml-perl 0. 0. 2.08333333333 libx11-dev 0. 0. 0. 0. libqt3-mt-dev dev flowscan-cuflow libhtml-table-perl libcatalyst-perl libtelepathy-glib-dev libavahi-qt3-dev kdebase-runtime 0. gpsdrive-data libthai-data libuno-cli-ure1.0-cil 0. rl r-cran-lpsolve 0. 0. 0. libtomcat5.5-java 0. 0. libio-compress-base-p 0. 0. python-freevo 0. libmono-system-web 0. libsqlite3-ocaml 0. 0. python-kaa-imlib2 0. libdoxia-java 0. l libpoconetssl5 rl 0. libpocoutil5 0. 0. 0. 1.0-cil a libghc6-haxml-dev rl 0. 0. r-cran-fimport r-cran-fcalendar 0. libghc6-happs-state- 0. 0. a 0. 0. 0. 0. libthai0 0. libdatrie0 0. 0. 0. 0. 0. 0. libmail-pop3client-pe 0. r-cran-fportfolio 0. libcflow-perl libpoconet5-dbg libpocoxml5 0. cli-uno-bridge 0. 0. 0.0679117147708 0. 0. libnet-patricia-perl libempathy-dev libsox-fmt-sndfile 1.35-dev libtelepathy-dev 0. 0. r-cran-fecofin libextutils-install-per libextutils-parsexs-pe kde-icons-oxygen 0. 0. 0. libuno-cli-cppuhelper ocsigen kdebase-runtime-dat 0. 0. libcompress-zlib-perl libio-compress-zlib-pe liblogkit-java 0. 0. libgeant321-2-dev libcommons-pool-java 0. libcommons-dbcp-jav l 0. 0. 0. libsqlite3-ocaml-dev 0. libwerken.xpath-java libkrb5-25-heimdal 0. 0. 0. 0. 0. 0. libdaemons-ruby 0. ldirectord 0. 0. 0. 0. xemacs21-bin r-cran-ftrading 0. 0. 0. nt-dev r-cran-fregression -kde4 ec -perl an libboost-serialization perl-base 0. 0. 0. libpoconetssl5-dbg libmagick++9-dev 0. 0. 0. 0. l 0. 1.6677935542 0. 0. -perl 0. 0. 1.31470212606 .0-cil 0. 0. 0. rt 0. 0. libmodule-install-per libcryptokit-ocaml cil 0. lzma libaudio-dev 0. xtrans-dev libattr1 velocity mongrel libwind0-heimdal 0. libasn1-8-heimdal 1.0-cil libtext-glob-perl geant321-data rl erl l-perl 1.35.0 0. 0. libmissioncontrol-clie kdebase-runtime-bin 3.0303030303 xmms2-plugin-avcod libcompress-raw-zlib v libgeant321-2-gfortr 0. libbind9-40 0. 1.04424911727 1.15693787093 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. 0. libuno-cli-types1.1-ci xemacs21-support liblexical-persistence 0.267638093822 libuno-cli-basetypes1 gnustep-gui-runtime 2.85714285714 xemacs21-basesuppo 0. r-cran-fassets 0. 0.61705449409 libmono-data-tds1.0- libpocoutil5-dbg libmagick9-dev libpocoxml5-dbg r-cran-polspline libdjvulibre-dev libhugs-base-bundled 0. 0.155925155925 0. 0. 1.066786868 0. libboost1.35-dev 0. libempathy-common 0. libmono-accessibility libisc45 xmms2-plugin-asf 0. libdns45 0. 0. libgtkspell-dev 0. 2.94117647059 0. libunixsocket-java libnet-imap-simple-pe dpkg libnumber-compare-p 0. libacl1 0. libboost-serialization ntrol libnet-imap-simple-ss 0. 0. libcryptokit-ocaml-de libxpp3-java 0. va 0. 0. 0. 0. geant321 0.245261984392 0. sisu-sqlite libkcal2-dev 0. 0. 0. 0. libgnujaf-java cil 0.111515872426 0. 1.0-cil libgemplugin-ruby -cil ndled 0. 0. libgemplugin-ruby1.8 libqthreads-12 libxcursor-dev libroken18-heimdal libhx509-3-heimdal 0. 0. 2.94117647059 2.94117647059 xemacs21 0.0223031744852 0. 0. libxpp2-java 0. 0.0891861761427 4.97360791019 0. 0. 0. 0. 0. 0. 0. libnet-daemon-perl 0. 0. 0. hugs libgnustep-gui0.14 v libdevel-caller-perl telepathy-mission-co maxima-src 8 r-cran-chron gnustep-gui-common libdevel-lexalias-perl xmms2-plugin-wma libfile-find-rule-perl libmatthew-debug-ja coreutils 0. xfonts-75dpi libgnuinet-java libisccc40 0. libselinux1 libisccfg40 4.94983277592 python-mpi 0. 0. 1.85185185185 libndoc1.3-cil 0. libmalaga7 libguile-ltdl-1 librainbow0c2 2.77777777778 0. r-cran-fmultivar libmono-security1.0- cpp libenchant-dev libm17n-dev libmono-system-data libhugs-haskell98-bu libmono-winforms1.0 0. liblablgtk2-ocaml-dev 0. 0. 0. 0. 0. 0. 0. libempathy14 libdom4j-java libdbus-java php5-recode 0. 0. 0. 0. 0. 0. 0. maxima-share libktnef1-dev r-cran-acepack 0. 0. 0. 0. libxfixes-dev libdbd-sqlite3-ruby 1.0989010989 xfonts-100dpi libkpimexchange1-de libdbd-sqlite3-ruby1. x11proto-fixes-dev 2.80898876404 libdbi-perl libgnumail-java 3.17387304508 guile-1.6-libs libplrpc-perl 0. 0.904977375566 0. 0. xorg 0. 2.39190432383 0. 0. 0. 0. php5-mhash r-cran-sn libvoikko1 1.68539325843 gnomoradio python-netcdf cpp-4.3 libthai-dev python-scientific libroboradio0c2 libenchant1c2a r-cran-mnormt libdatrie0-dev maxima-test r-cran-hmisc libmpfr1ldbl 0.763358778626 gosa 0. 2750582751

Figure 10: Strong dominance graph for Debian 5.0. The two bigger clusters are related to packages coming from the GNOME and KDE desktop environments.

Mancoosi D5.1 Strong Dependencies between Software Components page 27 of 27