FASTEN Introduction

The troubles of modern software dependency management and what to do about them

To help developers track dependencies, FASTEN provides a new intelligent package management framework on top of existing dependency management tools.

The FASTEN European research project wants to support DevOps teams by helping them manage and master dependencies at a finer-grained level than they currently do.

The FASTEN consortium is preparing an intelligent dependency management solution that will bring innovations such as a more accurate evaluation of the impact of dependencies, security vulnerabilities, license compliance, risk management, and evaluation of the consequences of library API changes on users.

The development team will therefore be able to check the constraints that come with using new dependencies, at both the technical and the legal level, since each license brings rights but also obligations.

In particular, engineers will know how many maintainers are involved in the evolution of an external code artifact, how many users have already put a certain library into production, and which known vulnerabilities affect the dependency. Many other variables can also be collected at the function level, and the team can then decide whether or not to upgrade a particular framework or library.

Article date: May 4, 2021. 


