@conference {apiace:2024:msr, title = {APIstic: A Large Collection of OpenAPI Metrics}, booktitle = {21st IEEE/ACM International Conference on Mining Software Repositories (MSR)}, year = {2024}, note = {(to appear)}, month = {April}, address = {Lisbon, Portugal}, abstract = {In the rapidly evolving landscape of web services, the significance of efficiently designed and well-documented APIs is paramount. In this paper, we present APIstic an API analytics dataset and exploration tool to navigate and segment APIs based on an extensive set of precomputed metrics extracted from OpenAPI specifications, sourced from GitHub, SwaggerHub, BigQuery and APIs.guru. These pre-computed metrics are categorized into structure, data model, natural language description, and security metrics. The extensive dataset of varied API metrics provides crucial insights into API design and documentation for both researchers and practitioners. Researchers can use APIstic as an empirical resource to extract refined samples, analyze API design trends, best practices, smells, and patterns. For API designers, it serves as a benchmarking tool to assess, compare, and improve API structures, data models, and documentation using metrics to select points of references among 1,275,568 valid OpenAPI specifications. The paper discusses potential use cases of the collected data and presents a descriptive analysis of selected API analytics metrics. }, keywords = {dataset, metrics, OpenAPI}, author = {Souhaila Serbout and Cesare Pautasso} } @demo {2022:ecsa:expresso, title = {ExpressO: From Express.js implementation code to OpenAPI interface descriptions}, year = {2022}, month = {September}, pages = {29{\textendash}44}, publisher = {Springer}, abstract = {This tool demo paper brings forward a new CLI tool called ExpressO for developers who need to analyze a Web API implemented using the Express.js framework and automatically extract a specification written in the standard OpenAPI interface description language. The specification includes all of the implemented endpoints along with their response status codes and path and query parameters. Developers can use it to automatically determine whether the interface of a Web API matches its implementation based on the Express.js framework. The tool has been released on the npm component registry as {\textquoteleft}expresso-api{\textquoteright}. }, keywords = {API, express.js, OpenAPI}, doi = {10.1007/978-3-031-36889-9_4}, author = {Souhaila Serbout and Alessandro Romanelli and Cesare Pautasso} } @conference {apiace:2022:icws, title = {How Composable is the Web? An Empirical Study on OpenAPI Data model Compatibility}, booktitle = {IEEE World Congress on Services (ICWS Symposium on Services for Machine Learning)}, year = {2022}, month = {July}, publisher = {IEEE}, organization = {IEEE}, address = {Barcelona, Spain}, abstract = {Composing Web APIs is a widely adopted practice by developers to speed up the development process of complex Web applications, mashups, and data processing pipelines. However, since most publicly available APIs are built independently of each other, developers often need to invest their efforts in solving incompatibility issues by writing ad-hoc glue code, adapters and message translation mappings. How likely are Web APIs to be directly composable? The paper presents an empirical study to determine the potential composability of a large collection of 20,587 public Web APIs by verifying their schemas{\textquoteright} compatibility. We define three levels of data model elements compatibility -- considering matches between property names and/or data types -- which can be determined statically based on API descriptions conforming to the OpenAPI specification. The study research questions address: to which extent are Web APIs compatible; the average number of compatible endpoints within each API; the likelihood of finding two APIs with at least one pair of compatible endpoints. To perform the analysis we developed a compatibility checker tool which can statically determine API schema compatibility on the three levels and find matching pairs of API responses which can be directly forwarded as requests to the same or other APIs. We run the tool on a dataset of 751,390 request and response message schemas extracted from publicly available OpenAPI descriptions. The results indicate a relatively high number of compatible APIs when matching their data models only on the level of their elements{\textquoteright} data type. However, this number gets lower narrowing the scope to only the ones handling data objects having identical properties name. The average likelihood of finding two compatible APIs with both matching property names and data types reaches 21\%. Also, the number of compatible endpoints within the same API is very low.}, keywords = {API Analytics, empirical study, mashups, OpenAPI, Web APIs}, author = {Souhaila Serbout and Cesare Pautasso and Uwe Zdun} } @conference {2022:icsa, title = {Web APIs Structures and Data Models Analysis}, booktitle = {19th IEEE International Conference on Software Architecture (ICSA 2022)}, year = {2022}, month = {March}, publisher = {IEEE}, organization = {IEEE}, address = {Honululu, Hawaii}, abstract = {Microservice architectures emphasize keeping components small, to foster autonomy, low coupling, and independent evolution. In this large-scale empirical study, we measure the size of Web API specifications mined from open source repositories. These APIs are modeled using the OpenAPI Specification (OAS), which, in addition to documenting the offered operations, also contain schemas definitions for the data exchanged with the API request and response message payloads. This study has as a goal to build empirical knowledge about: (1) How big and diverse are real-world web APIs both in terms of their operations and data, (2) How different API structures use and reuse schema definitions. By mining public software repositories on Github, we gathered 42,194 valid OAS specifications published between 2014-2021. }, keywords = {API Analytics, API Size, OpenAPI}, author = {Souhaila Serbout and Fabio Di Lauro and Cesare Pautasso} } @conference {2021:europlop:api-fragments, title = {From OpenAPI Fragments to API Pattern Primitives and Design Smells}, booktitle = {European Conference on Pattern Languages of Programs (EuroPLoP{\textquoteright}21)}, year = {2021}, month = {July}, publisher = {ACM}, organization = {ACM}, address = {Virtual Kloster Irsee, Germany}, abstract = {In the past few years, the OpenAPI Specification (OAS) has emerged as a standard description language for accurately modeling Web APIs. Today, thousands of OpenAPI descriptions can be found by mining open source repositories. In this paper, we attempt to exploit these artifacts to extract commonly occurring building blocks used in Web API structures, in order to assist Web API designers in their modelling task. Our work is based on a fragmentation mechanism, that starts from OpenAPI descriptions of Web APIs to extract their structures, then fragment these structures into smaller blocks. This approach enabled us to extract a large dataset of reoccurring fragments from a collection of 6619 API specifications. Such fragments have been found multiple times in the same or across different APIs. We have classified the most reoccurring fragments into four pattern primitives used to expose in the API access to collections of items. We distinguish for each primitive variants from design smells. This classification is based on the specific combinations of operations associated with the collection items and on an in-depth analysis of their natural language labels and descriptions. The resulting pattern primitives are intended to support designers who would like to introduce one or more collections for a specific class of items in their HTTP-based API.}, keywords = {API, API fragments, design smells, OpenAPI, patterns}, doi = {10.1145/3489449.3489998}, url = {https://zenodo.org/record/5727094$\#$.YZ97mFMo-0o}, author = {Souhaila Serbout and Cesare Pautasso and Uwe Zdun and Olaf Zimmermann} } @conference {2021:icwe:api-evolution, title = {Towards Large-scale Empirical Assessment of Web APIs Evolution}, booktitle = {21st International Conference on Web Engineering (ICWE2021)}, year = {2021}, month = {May}, pages = {124-138}, publisher = {Springer}, organization = {Springer}, address = {Biarritz, France}, abstract = {Web Application Programming Interfaces (APIs) decouple the internal implementation of a service from its consumers which can reuse and compose them to rapidly build new applications. Many Web APIs are described with the OpenAPI Specification (OAS). The goal of our research is to check the feasibility of using API descriptions found in public open source repositories to study how APIs evolve over time. To do so, we collected a large dataset of OAS documents by crawling open source repositories, we parsed the corresponding metadata and measured the API size in order to extract a simple model to track the lifecycle of API artifacts and observe common evolution behaviors. Our preliminary results indicate that only a subset of the APIs changes, but as opposed to the expectation that APIs should only grow to maintain backward compatibility we also detected a number of APIs with a more variable history. We also study the stability of API artifacts over time and whether APIs are more or less likely to change as they age.}, keywords = {API Evolution, OpenAPI, Web API}, doi = {10.1007/978-3-030-74296-6_10}, author = {Fabio Di Lauro and Souhaila Serbout and Cesare Pautasso} }