by jra_samba
875 days ago
No one in these days of cyber attacks should be shipping unknown third-party dependencies. How could you fix unknown dependencies in case of severe CVEs in them? Unknown third-party dependencies are a sign of utter amateur incompetence in product development. Once you have all third-party dependencies cataloged, licence compliance should just shake out in the wash.