Library reuse is a widely adopted practice in software development; however, reused libraries are not always kept up to date, so they may carry avoidable bugs or vulnerabilities that newer releases have already fixed. Blindly upgrading every library to its latest version is not feasible either, because the upgrade can introduce breaking changes and bloated dependencies that break the project or add maintenance effort. Balancing the reduction of technical lag against the prevention of newly introduced issues is therefore critical for dependency management. To this end, LagEase is introduced as a novel tool designed to mitigate technical lag while avoiding incompatibility risks and bloated dependencies. Experimental results show that LagEase outperforms Dependabot, providing a more effective solution for managing Maven dependencies.