Non Vulnerable Dependency Resolution

Inventor(s)

Tushar Goel, NexBFollow
Philippe Ombredanne, NexBFollow

Abstract

This publication describes a new method to resolve software package vulnerable version ranges and dependency version constraints at the same time, such that you can obtain a resolved software package version tree matching the blended constraints of functional and vulnerability requirements in order to provide non-vulnerable and up-to-date software code.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.

Recommended Citation

Goel, Tushar and Ombredanne, Philippe, "Non Vulnerable Dependency Resolution", Technical Disclosure Commons, (June 27, 2022)
https://www.tdcommons.org/dpubs_series/5224