Yahoo

Infield wants to make open source dependency management trivial

Virtually every application today relies on dozens -- and sometimes hundreds -- of open-source components. Many of those get updated at a rapid clip in order to introduce new features and to fix ...
Security

Endor Labs releases report on open-source software dependency management

Endor Labs today released The 2024 Dependency Management Report, which consolidates extensive original and third-party research into the current state of security in the software dependency lifecycle ...
Computer Weekly

Sonatype: what dependency management did next (generation)

The latest trends and issues around the use of open source software in the enterprise. Sonatype describes itself as the company that scales DevOps through open source governance and software supply ...
Forbes

Beyond The Hype: Five Essential Qualities Of An Open-Source Environment And Package Management Solution

Over the past decade, open-source software has become a transformative force for data science and AI development, collaboration, and innovation. Among its benefits are transparency, cost-effectiveness ...
CSOonline

Endor Labs offers dependency management platform for open source software

Startup Endor Labs comes out of stealth with an end-to-end platform to help CSOs understand and catalogue everything developers are using from the internet. Endor Labs came out of stealth mode on ...
WSPA

Infield announces $3M funding to use AI to manage open-source dependency updates

NEW YORK, Jan. 16, 2024 /PRNewswire/ -- Infield today announced $3M in funding for its comprehensive open-source dependency manager. The round was led by Foundation Capital with participation of ...
CSOonline

OpenSSF releases npm best practices to help developers tackle open-source dependency risks

The npm Best Practices Guide aims to help JavaScript and TypeScript developers reduce the security risks of using open-source dependencies. The Open Source Security Foundation (OpenSSF) has released ...