Identify dependencies
Description
A dependency identification program finds the dependencies actually used within the codebase. This helps assess the current situation regarding IP requirements and makes it possible to identify dependency-related vulnerabilities.
Assessment
Question: Is an easy-to-set-up dependency identification process available for projects?
Tools
Recommendations
- Conduct regular audits of dependencies and IP requirements to mitigate legal risks.
- Keep track of dependency-related vulnerabilities, and keep users and developers informed.