| CPC G06F 8/433 (2013.01) | 17 Claims |
|
1. A method for tracking software component dependencies, the method comprising:
identifying a dependency tree of a first software component, the dependency tree comprising a plurality of nodes representing other software components and edges representing dependencies between nodes;
identifying versions of dependencies in the dependency tree currently used by the first software component;
tracking a status of each particular dependency of the dependencies in the dependency tree based upon communications with an external computing service, the status determined based upon one or more of whether there is an availability of an updated version of the particular dependency or a presence of a vulnerability of a version of the particular dependency used by the first software component;
causing display of a graphical user interface (GUI) including the dependency tree, the versions of dependencies, and the status of each particular dependency;
identifying that a first dependency of the dependency tree is assigned a component importance level that is a lower level than a level assigned to the first software component; and
responsive to identifying that the first dependency of the dependency tree is assigned the component importance level that is a lower level than the level assigned to the first software component, notifying a user.
|