Presented by Ivan Pashchenko, Postdoctoral Research Fellow, University of Trento

Security vulnerabilities introduced by software dependencies can lead to severe incidents. Take for example, the Equifax breach, when the private data of more than 143 million people became publicly available due to a security vulnerability in an outdated software dependency. Despite the fact that GitHub Security Alerts and other tools allow software developers to check free open-source dependencies, developers …