GitLab recently released a new open-source tool to assist software developers in detecting harmful code in their projects’ dependencies.
While code reuse is common practice in modern programming, using open-source libraries in software comes with its own set of concerns. One of these is the use of packages that may include malicious code, either because the package itself was compromised or because it relies on corrupted dependencies.
With some applications relying on hundreds of packages, finding vulnerable or malicious code is critical to guaranteeing the security of software and users, particularly as incidents of threat actors compromising the open-source supply chain are rising.
To Read More: Security Week