Software ecosystem call graph for dependency management
2018
Proceedings of the 40th International Conference on Software Engineering New Ideas and Emerging Results - ICSE-NIER '18
A popular form of software reuse is the use of open source software libraries hosted on centralized code repositories, such as Maven or npm. Developers only need to declare dependencies to external libraries, and automated tools make them available to the workspace of the project. Recent incidents, such as the Equifax data breach and the leftpad package removal, demonstrate the difficulty in assessing the severity, impact and spread of bugs in dependency networks. While dependency checkers are
doi:10.1145/3183399.3183417
dblp:conf/icse/HejderupDG18
fatcat:hy7zb237nngvnhsn5vduuvc2e4