Print Email Facebook Twitter Analysing the effectiveness of fine-grained dependency analysis to convince developers of updating their dependencies Title Analysing the effectiveness of fine-grained dependency analysis to convince developers of updating their dependencies Author Cosse, Christophe (TU Delft Electrical Engineering, Mathematics and Computer Science; TU Delft Software Technology) Contributor Keshani, M. (mentor) Katsifodimos, A (graduation committee) Degree granting institution Delft University of Technology Programme Computer Science and Engineering Project CSE3000 Research Project Date 2021-07-02 Abstract Dependency maintenance is a critically important part of software development as vulnerabilities and exploits are constantly being discovered. Unfortunately it is extremely tedious for developers to manually keep track of these vulnerability discoveries and update their dependencies consequently. Dependency maintenance tools such as Dependabot and WhiteSource help to make this job easier for developers but still many developers never update their dependencies even with notifications from these tools. As such this research paper aims to find if giving more information to the developer as to how the vulnerability affects their code entices developers more to update their dependencies. This research found that developers seem to not care much for extra information about vulnerabilities and in whole maybe a different approach is required to educate developers on the critical importance of dependency maintenance. To reference this document use: http://resolver.tudelft.nl/uuid:8dc0a41c-d77b-495a-92ce-9f89949ee02e Part of collection Student theses Document type bachelor thesis Rights © 2021 Christophe Cosse Files PDF RP_Christophe_Cosse_Final ... emails.pdf 416.35 KB Close viewer /islandora/object/uuid:8dc0a41c-d77b-495a-92ce-9f89949ee02e/datastream/OBJ/view