Abstract
This publication describes a new method to resolve software package vulnerable version ranges and dependency version constraints at the same time, such that you can obtain a resolved software package version tree matching the blended constraints of functional and vulnerability requirements in order to provide non-vulnerable and up-to-date software code.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.
Recommended Citation
Goel, Tushar and Ombredanne, Philippe, "Non Vulnerable Dependency Resolution", Technical Disclosure Commons, (June 27, 2022)
https://www.tdcommons.org/dpubs_series/5224