東華大學圖書館 |

Managing software supply chains = theory and practice /

紀錄類型:	書目-電子資源 : Monograph/item
正題名/作者:	Managing software supply chains/ by Ying Wang ... [et al.].
其他題名:	theory and practice /
其他作者:	Wang, Ying.
出版者:	Singapore :Springer Nature Singapore : : 2025.,
面頁冊數:	xv, 257 p. :ill., digital ;24 cm.
內容註:	Part I. An Overview of Software Supply Chain Research -- Chapter 1. Introducing Software Supply Chain -- Part II. Modeling and Analyzing Software Supply Chain -- Chapter 2. Modeling Software Supply Chains and Analyzing Their Evolutionary Behaviors -- Part III. Dependency Issues in Software Supply Chain -- Chapter 3. Common Types of Dependency Issues -- Part IV. Ecosystem Level Techniques Combating Dependency Issues -- Chapter 4. Detecting Compatibility Issues for Machine Learning Libraries -- Chapter 5. Diagnosing NuGet Dependency Conflicts -- Chapter 6. Streamlining Software Bloated Dependencies -- Chapter 7. Exploring Cross Ecosystem Vulnerability Impacts -- Chapter 8. Boosting the Propagation of Vulnerability Fixes in the npm Ecosystem -- Part V. Tools and Datasets -- Chapter 9. "League of Legends" -- Chapter 10. Epilogue.
Contained By:	Springer Nature eBook
標題:	Computer software industry - Management. -
電子資源:	https://doi.org/10.1007/978-981-96-1797-5
ISBN:	9789819617975

Managing software supply chains = theory and practice /
Managing software supply chainstheory and practice /[electronic resource] :by Ying Wang ... [et al.]. - Singapore :Springer Nature Singapore :2025. - xv, 257 p. :ill., digital ;24 cm.

Part I. An Overview of Software Supply Chain Research -- Chapter 1. Introducing Software Supply Chain -- Part II. Modeling and Analyzing Software Supply Chain -- Chapter 2. Modeling Software Supply Chains and Analyzing Their Evolutionary Behaviors -- Part III. Dependency Issues in Software Supply Chain -- Chapter 3. Common Types of Dependency Issues -- Part IV. Ecosystem Level Techniques Combating Dependency Issues -- Chapter 4. Detecting Compatibility Issues for Machine Learning Libraries -- Chapter 5. Diagnosing NuGet Dependency Conflicts -- Chapter 6. Streamlining Software Bloated Dependencies -- Chapter 7. Exploring Cross Ecosystem Vulnerability Impacts -- Chapter 8. Boosting the Propagation of Vulnerability Fixes in the npm Ecosystem -- Part V. Tools and Datasets -- Chapter 9. "League of Legends" -- Chapter 10. Epilogue.

Open-source software supply chains wield significant influence in the software industry, drawing substantial interest from enterprises, researchers, and policymakers. Leveraging third-party libraries to build software applications is a common practice aimed at cost savings and software quality enhancement. However, heavy reliance on external libraries often leads to a state of "dependency hell", marked by issues like incompatibilities, conflicting versions, bloated dependencies, and the inclusion of vulnerable library versions. Despite extensive research on software dependency management and the evolution of software supply chains, questions linger regarding the variances in dependency challenges across programming language ecosystems and how best to address the dependency hell phenomenon from an ecosystem-wide perspective. The aim of this book is to offer: (1) a comprehensive literature review on software supply chains, (2) discussions on modeling software supply chains and analyzing their evolutionary behaviors, (3) ecosystem-level strategies for diagnosing various dependency issues and automating problem resolution with cost-benefit analysis, and (4) provision of a toolkit and datasets to support future research and assist practitioners in addressing the challenges of dependency management. The methodologies outlined in this book have been previously presented in top-tier conferences and journals, with some techniques officially integrated into products by Microsoft Corporation and Huawei Technologies Co Ltd. This book is designed to provide readers with a solid understanding of software supply chain fundamentals and practical guidance on implementing theory and techniques in real-world industrial settings. The book is chiefly intended for software engineering researchers and students with an academic background who are interested in learning about dependency management for third-party libraries, quality assurance for software supply chains, and the evolution of open-source software ecosystems. It will also be of interest to practitioners, including software engineers, quality assurance professionals, and software managers, as well as general readers. All will benefit from our systematic studies on the dependency hell phenomenon in various programming language communities and valuable associated artifacts.

ISBN: 9789819617975

Standard No.: 10.1007/978-981-96-1797-5doiSubjects--Topical Terms:

648038
Computer software industry
--Management.

LC Class. No.: QA76.758

Dewey Class. No.: 005.1

Managing software supply chains = theory and practice /
LDR:04162nmm a2200325 a 4500 001 2408567
003 DE-He213
005 20250226115251.0
006 m d
007 cr nn 008maaau
008 260204s2025 si s 0 eng d
020 $a 9789819617975 $q (electronic bk.)
020 $a 9789819617968 $q (paper)
024 7 $a 10.1007/978-981-96-1797-5 $2 doi
035 $a 978-981-96-1797-5
040 $a GP $c GP
041 0 $a eng
050 4 $a QA76.758
072 7 $a UMZ $2 bicssc
072 7 $a COM051230 $2 bisacsh
072 7 $a UMZ $2 thema
082 0 4 $a 005.1 $2 23
090 $a QA76.758 $b .M266 2025
245 0 0 $a Managing software supply chains $h [electronic resource] : $b theory and practice / $c by Ying Wang ... [et al.].
260 $a Singapore : $b Springer Nature Singapore : $b Imprint: Springer, $c 2025.
300 $a xv, 257 p. : $b ill., digital ; $c 24 cm.
505 0 $a Part I. An Overview of Software Supply Chain Research -- Chapter 1. Introducing Software Supply Chain -- Part II. Modeling and Analyzing Software Supply Chain -- Chapter 2. Modeling Software Supply Chains and Analyzing Their Evolutionary Behaviors -- Part III. Dependency Issues in Software Supply Chain -- Chapter 3. Common Types of Dependency Issues -- Part IV. Ecosystem Level Techniques Combating Dependency Issues -- Chapter 4. Detecting Compatibility Issues for Machine Learning Libraries -- Chapter 5. Diagnosing NuGet Dependency Conflicts -- Chapter 6. Streamlining Software Bloated Dependencies -- Chapter 7. Exploring Cross Ecosystem Vulnerability Impacts -- Chapter 8. Boosting the Propagation of Vulnerability Fixes in the npm Ecosystem -- Part V. Tools and Datasets -- Chapter 9. "League of Legends" -- Chapter 10. Epilogue.
520 $a Open-source software supply chains wield significant influence in the software industry, drawing substantial interest from enterprises, researchers, and policymakers. Leveraging third-party libraries to build software applications is a common practice aimed at cost savings and software quality enhancement. However, heavy reliance on external libraries often leads to a state of "dependency hell", marked by issues like incompatibilities, conflicting versions, bloated dependencies, and the inclusion of vulnerable library versions. Despite extensive research on software dependency management and the evolution of software supply chains, questions linger regarding the variances in dependency challenges across programming language ecosystems and how best to address the dependency hell phenomenon from an ecosystem-wide perspective. The aim of this book is to offer: (1) a comprehensive literature review on software supply chains, (2) discussions on modeling software supply chains and analyzing their evolutionary behaviors, (3) ecosystem-level strategies for diagnosing various dependency issues and automating problem resolution with cost-benefit analysis, and (4) provision of a toolkit and datasets to support future research and assist practitioners in addressing the challenges of dependency management. The methodologies outlined in this book have been previously presented in top-tier conferences and journals, with some techniques officially integrated into products by Microsoft Corporation and Huawei Technologies Co Ltd. This book is designed to provide readers with a solid understanding of software supply chain fundamentals and practical guidance on implementing theory and techniques in real-world industrial settings. The book is chiefly intended for software engineering researchers and students with an academic background who are interested in learning about dependency management for third-party libraries, quality assurance for software supply chains, and the evolution of open-source software ecosystems. It will also be of interest to practitioners, including software engineers, quality assurance professionals, and software managers, as well as general readers. All will benefit from our systematic studies on the dependency hell phenomenon in various programming language communities and valuable associated artifacts.
650 0 $a Computer software industry $x Management. $3 648038
650 0 $a Open source software. $3 581998
650 0 $a Business logistics. $3 648045
650 1 4 $a Software Engineering. $3 890874
650 2 4 $a Programming Language. $3 3538935
650 2 4 $a Software Management. $3 2139173
700 1 $a Wang, Ying. $3 558207
710 2 $a SpringerLink (Online service) $3 836513
773 0 $t Springer Nature eBook
856 4 0 $u https://doi.org/10.1007/978-981-96-1797-5
950 $a Computer Science (SpringerNature-11645)