Software composition analysis

Software composition analysis (SCA) is a practice in the fields of information technology and software engineering for analyzing custom-built software applications to detect embedded open-source software and to determine whether those components are up to date, contain security flaws, or have licensing requirements.[1]

  1. Prana, Gede Artha Azriadi; Sharma, Abhishek; Shar, Lwin Khin; Foo, Darius; Santosa, Andrew E; Sharma, Asankhaya; Lo, David (July 2021). "Out of sight, out of mind? How vulnerable dependencies affect open-source projects". Empirical Software Engineering. 26 (4). Springer: 1–34. doi:10.1007/s10664-021-09959-3. S2CID 197679660.