New Shiny Library or Popular Shiny Library? Build More Secure Software by Choosing Newer Libraries

When selecting a third-party library, many software engineers simply choose the one with the highest popularity. Does a library's recent activity provide the best heuristic to minimize security risks and ensure good code quality?SonarQube, an open-source static code analysis tool, measures software...
By
Kenneth Po
June 16, 2022

All papers are copyrighted. No re-posting of papers is permitted

470x382_Generic_Whitepaper.jpg