Here you will find all the articles with the tag: dependency.
Every year, Sonatype takes a good look at the software supply chain. In this year's State of the Software Supply Chain report, researchers report that many more malicious packages have been discovered than before. At the same time, a version with a fix is almost always available. Sonatype also foun... Read more
6 months ago
The move is not due to the threat of espionage, but rather to avoid "dependency" Following a trend set by the US and UK, the German government is now also planning to forbid telecoms operators from using certain components from Chinese companies Huawei and ZTE in their 5G networks, according to ... Read more
1 year ago
A security researcher has found a problem with the way many programming languages deal with dependencies. By creating new public packages with the same names as those used internally by companies, he managed to add code to the companies' software. In his blog, researcher Alex Birsan writes that ... Read more
3 years ago
