dependencies

Secure mobile applications with Dart, Flutter, and Sonatype
The Dart coding language and the Flutter framework architecture are gaining traction among developers looking to build fast, reliable, cross-platform applications ...

Automation you can trust: Cut backlogs without breaking builds
Engineering teams live in a paradox — under pressure to ship software faster than ever, yet every new open source component introduces hidden risk. Security backlogs pile up as developers scramble to ...

How SBOMs power secure software acquisition | Sonatype Blog
CISA's Supply Chain Integrity Month reminds us of an undeniable truth about modern software development: transparency in software supply chains is no longer optional. The theme of week 4 is "Transparency: Securing ...

Assessing your open source software security efficacy
Open source software has become the foundation of modern application development. With up to 90% of most applications consisting of open source components, organizations — especially in financial services — need to ...

Crypto enthusiasts flood npm with more than 281,000 bogus packages overnight
Crypto enthusiasts have lately been flooding software registries like npm and PyPI with thousands of bogus packages that add no functional value and instead put a strain on the entire open source ...

Embracing dependency management in software development
With open source forming the backbone of modern software, effective management of software dependencies is an inevitable challenge for development and security teams ...

‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE
Tim looks grim: 10-year-old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug ...

Strategies to accelerate dependency management for modern enterprise software development
Contrary to common belief, security and productivity are not necessarily at odds in modern software development ...

Software composition analysis (SCA): A beginner’s guide
In modern software development, applications are rarely built from scratch. Development teams extensively rely upon open source software components to accelerate development and foster innovation in software supply chains ...

The overview effect: Two decades of unique perspective
Based on data from 2023, just under 700 people have made the (sometimes) dangerous journey to space and seen our planet in a different light. Astronauts often write about their experiences in ...