Topic: dependencies

The imperative of artifact management in modern software development

In today’s fast-paced software landscape, managing dependencies and the myriad of components that contribute to software builds has become a critical challenge for development teams. This is where artifact management emerges as an essential practice, fundamentally transforming how software is built, secured, and maintained. Understanding Artifact Management At its core, artifact management refers to the … continue reading

Endor Labs has launched to help companies manage dependencies

Endor Labs has officially come out of stealth, launching the company with a Dependency Lifecycle Management Platform that is intended to help development and security teams maximize software reuse by evaluating, maintaining, and updating dependencies.  The Endor Labs platform helps organizations manage their dependencies by offering them a deeper understanding of how they are being … continue reading

The key to eliminating value stream dependencies

When multiple teams are operating within the same value stream, controlling dependencies can feel like a daunting task. These teams often become silos and negatively impact the ability to collaborate across the entire value stream, increasing dependencies and decreasing overall productivity. At this month’s {virtual} VSMcon 2022, Jim Benson, CEO of Modus Cooperandi and author of … continue reading

SD Times Open-Source Project of the Week: Package Hunter

Recently GitLab open-sourced a tool that enables developers and security teams to detect malicious code in app dependencies. Package Hunter analyzes dependencies for both malicious code and other unexpected behavior.  It installs the dependencies in a sandbox environment and then reports any suspicious behavior to the developer who can then further examine them. According to … continue reading

Study finds auto-fix tools help programmers better protect their code

Could the recent Equifax data breach been prevented if the credit agency had the right programming tools in place? That’s the question researchers from North Carolina State University set out to answer in their recent study: Can Automated Pull Requests Encourage Software Developers to Upgrade Out-of-Date Dependencies? According to the researchers, a majority of software … continue reading

GitHub Universe outlines plans for the future of software development

About ten years ago, GitHub embarked on a journey to create a platform that brought together the world’s largest developer community. Now that the company believes it has reached its initial goals, it is looking to the future with plans to expand the ecosystem and transform the way developers code through new tools and data. … continue reading

Dependency CI reviews potential vulnerabilities for open-source projects

The founder of an open-source library discovery service launched a new project today that can continuously test open-source dependencies for potential vulnerabilities and other issues. The project is Dependency CI, an open-source tool that integrates directly into a GitHub workflow just like other CI systems. It runs a set of configurable tests on any dependency … continue reading

Guest View: How to set your microservices up for failure

If you’ve been developing software for more than five years, you’ve probably seen this cycle before: New architecture emerges. Developers abandon previous best practices. Developers eventually realize that some of those “old-school” practices apply to the new architectural approach. Microservices are no exception. Some developers see microservices as a way to throw out established service-oriented … continue reading

Harvard, MIT speed up Web page loads

The two colleges are close enough to share a pizza parlor, but thanks to their collaborative work, maybe that pizza-delivery Web page will load faster for students at Harvard and MIT. Today, teams from the MIT Computer Science Artificial Intelligence Lab (CSAIL) and Harvard, released a paper describing Polaris, a method of speeding up page … continue reading

DMCA.com Protection Status