國立虎尾科技大學 |

Managing software supply chains = theory and practice /

紀錄類型:	書目-語言資料,印刷品 : Monograph/item
正題名/作者:	Managing software supply chains/ by Ying Wang ... [et al.].
其他題名:	theory and practice /
其他作者:	Wang, Ying.
出版者:	Singapore :Springer Nature Singapore : : 2025.,
面頁冊數:	xv, 257 p. :ill., digital ; : 24 cm.;
Contained By:	Springer Nature eBook
標題:	Software Management. -
電子資源:	https://doi.org/10.1007/978-981-96-1797-5
ISBN:	9789819617975

Managing software supply chains = theory and practice /
Managing software supply chainstheory and practice /[electronic resource] :by Ying Wang ... [et al.]. - Singapore :Springer Nature Singapore :2025. - xv, 257 p. :ill., digital ;24 cm.

Part I. An Overview of Software Supply Chain Research -- Chapter 1. Introducing Software Supply Chain -- Part II. Modeling and Analyzing Software Supply Chain -- Chapter 2. Modeling Software Supply Chains and Analyzing Their Evolutionary Behaviors -- Part III. Dependency Issues in Software Supply Chain -- Chapter 3. Common Types of Dependency Issues -- Part IV. Ecosystem Level Techniques Combating Dependency Issues -- Chapter 4. Detecting Compatibility Issues for Machine Learning Libraries -- Chapter 5. Diagnosing NuGet Dependency Conflicts -- Chapter 6. Streamlining Software Bloated Dependencies -- Chapter 7. Exploring Cross Ecosystem Vulnerability Impacts -- Chapter 8. Boosting the Propagation of Vulnerability Fixes in the npm Ecosystem -- Part V. Tools and Datasets -- Chapter 9. "League of Legends" -- Chapter 10. Epilogue.

Open-source software supply chains wield significant influence in the software industry, drawing substantial interest from enterprises, researchers, and policymakers. Leveraging third-party libraries to build software applications is a common practice aimed at cost savings and software quality enhancement. However, heavy reliance on external libraries often leads to a state of "dependency hell", marked by issues like incompatibilities, conflicting versions, bloated dependencies, and the inclusion of vulnerable library versions. Despite extensive research on software dependency management and the evolution of software supply chains, questions linger regarding the variances in dependency challenges across programming language ecosystems and how best to address the dependency hell phenomenon from an ecosystem-wide perspective. The aim of this book is to offer: (1) a comprehensive literature review on software supply chains, (2) discussions on modeling software supply chains and analyzing their evolutionary behaviors, (3) ecosystem-level strategies for diagnosing various dependency issues and automating problem resolution with cost-benefit analysis, and (4) provision of a toolkit and datasets to support future research and assist practitioners in addressing the challenges of dependency management. The methodologies outlined in this book have been previously presented in top-tier conferences and journals, with some techniques officially integrated into products by Microsoft Corporation and Huawei Technologies Co Ltd. This book is designed to provide readers with a solid understanding of software supply chain fundamentals and practical guidance on implementing theory and techniques in real-world industrial settings. The book is chiefly intended for software engineering researchers and students with an academic background who are interested in learning about dependency management for third-party libraries, quality assurance for software supply chains, and the evolution of open-source software ecosystems. It will also be of interest to practitioners, including software engineers, quality assurance professionals, and software managers, as well as general readers. All will benefit from our systematic studies on the dependency hell phenomenon in various programming language communities and valuable associated artifacts.

ISBN: 9789819617975

Standard No.: 10.1007/978-981-96-1797-5doiSubjects--Topical Terms:

1069200
Software Management.

LC Class. No.: QA76.758

Dewey Class. No.: 005.1

Managing software supply chains = theory and practice /
LDR:04162nam a2200325 a 4500 001 1160660
003 DE-He213
005 20250226115251.0
006 m d
007 cr nn 008maaau
008 251029s2025 si s 0 eng d
020 $a 9789819617975 $q (electronic bk.)
020 $a 9789819617968 $q (paper)
024 7 $a 10.1007/978-981-96-1797-5 $2 doi
035 $a 978-981-96-1797-5
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.758
072 7 $a UMZ $2 bicssc
072 7 $a COM051230 $2 bisacsh
072 7 $a UMZ $2 thema
082 0 4 $a 005.1 $2 23
090 $a QA76.758 $b .M266 2025
245 0 0 $a Managing software supply chains $h [electronic resource] : $b theory and practice / $c by Ying Wang ... [et al.].
260 $a Singapore : $c 2025. $b Springer Nature Singapore : $b Imprint: Springer,
300 $a xv, 257 p. : $b ill., digital ; $c 24 cm.
505 0 $a Part I. An Overview of Software Supply Chain Research -- Chapter 1. Introducing Software Supply Chain -- Part II. Modeling and Analyzing Software Supply Chain -- Chapter 2. Modeling Software Supply Chains and Analyzing Their Evolutionary Behaviors -- Part III. Dependency Issues in Software Supply Chain -- Chapter 3. Common Types of Dependency Issues -- Part IV. Ecosystem Level Techniques Combating Dependency Issues -- Chapter 4. Detecting Compatibility Issues for Machine Learning Libraries -- Chapter 5. Diagnosing NuGet Dependency Conflicts -- Chapter 6. Streamlining Software Bloated Dependencies -- Chapter 7. Exploring Cross Ecosystem Vulnerability Impacts -- Chapter 8. Boosting the Propagation of Vulnerability Fixes in the npm Ecosystem -- Part V. Tools and Datasets -- Chapter 9. "League of Legends" -- Chapter 10. Epilogue.
520 $a Open-source software supply chains wield significant influence in the software industry, drawing substantial interest from enterprises, researchers, and policymakers. Leveraging third-party libraries to build software applications is a common practice aimed at cost savings and software quality enhancement. However, heavy reliance on external libraries often leads to a state of "dependency hell", marked by issues like incompatibilities, conflicting versions, bloated dependencies, and the inclusion of vulnerable library versions. Despite extensive research on software dependency management and the evolution of software supply chains, questions linger regarding the variances in dependency challenges across programming language ecosystems and how best to address the dependency hell phenomenon from an ecosystem-wide perspective. The aim of this book is to offer: (1) a comprehensive literature review on software supply chains, (2) discussions on modeling software supply chains and analyzing their evolutionary behaviors, (3) ecosystem-level strategies for diagnosing various dependency issues and automating problem resolution with cost-benefit analysis, and (4) provision of a toolkit and datasets to support future research and assist practitioners in addressing the challenges of dependency management. The methodologies outlined in this book have been previously presented in top-tier conferences and journals, with some techniques officially integrated into products by Microsoft Corporation and Huawei Technologies Co Ltd. This book is designed to provide readers with a solid understanding of software supply chain fundamentals and practical guidance on implementing theory and techniques in real-world industrial settings. The book is chiefly intended for software engineering researchers and students with an academic background who are interested in learning about dependency management for third-party libraries, quality assurance for software supply chains, and the evolution of open-source software ecosystems. It will also be of interest to practitioners, including software engineers, quality assurance professionals, and software managers, as well as general readers. All will benefit from our systematic studies on the dependency hell phenomenon in various programming language communities and valuable associated artifacts.
650 2 4 $a Software Management. $3 1069200
650 2 4 $a Programming Language. $3 1365750
650 1 4 $a Software Engineering. $3 669632
650 0 $a Business logistics. $3 562973
650 0 $a Open source software. $3 561177
650 0 $a Computer software industry $x Management. $3 792329
700 1 $a Wang, Ying. $3 906468
710 2 $a SpringerLink (Online service) $3 593884
773 0 $t Springer Nature eBook
856 4 0 $u https://doi.org/10.1007/978-981-96-1797-5
950 $a Computer Science (SpringerNature-11645)