International Journal For Multidisciplinary Research
E-ISSN: 2582-2160
•
Impact Factor: 9.24
A Widely Indexed Open Access Peer Reviewed Multidisciplinary Bi-monthly Scholarly International Journal
Home
Research Paper
Submit Research Paper
Publication Guidelines
Publication Charges
Upload Documents
Track Status / Pay Fees / Download Publication Certi.
Editors & Reviewers
View All
Join as a Reviewer
Reviewer Referral Program
Get Membership Certificate
Current Issue
Publication Archive
Conference
Publishing Conf. with IJFMR
Upcoming Conference(s) ↓
WSMCDD-2025
GSMCDD-2025
Conferences Published ↓
RBS:RH-COVID-19 (2023)
ICMRS'23
PIPRDA-2023
Contact Us
Plagiarism is checked by the leading plagiarism checker
Call for Paper
Volume 6 Issue 5
September-October 2024
Indexing Partners
Evaluating Security and Community Health Metrics of FOSS Repositories
Author(s) | Niraj Salvi, Amal Thundiyil, Seema Supe, Nataasha Raul |
---|---|
Country | India |
Abstract | The extensive use of open-source packages in software development has greatly increased output and effectiveness. However, this development presents a challenging security environment in which vulnerabilities found in these packages can spread to other projects. To address this challenge, we suggest creating an open-source security assessment tool that has been painstakingly designed. The purpose of this tool is to assess security risks related to third-party dependencies and packages that are available on npm and GitHub. Concerns are raised by the lack of a thorough assessment because seemingly innocuous packages could be hiding vulnerabilities that could lead to significant financial losses, service interruptions, and data breaches. Within the dynamic realm of open-source packages, developers often struggle to stay up to date with the ever changing security landscape. The main difficulty with this problem is figuring out which secure packages are kept up to date and which are either showing signs of poor maintenance or contain latent vulnerabilities. Therefore, it becomes necessary to have a methodical, data-driven security evaluation tool so that developers can make informed choices about which packages to install. This project uses a wide range of parameters in an attempt to meet this requirement. These parameters allow for a quantitative evaluation of a package's security posture. They include metrics like stars, forks, resolved issues, and community engagement. Our project aims to strengthen software security measures and mitigate potential risks associated with using third-party packages by giving developers actionable insights into the security status of their dependencies. |
Field | Computer > Network / Security |
Published In | Volume 6, Issue 2, March-April 2024 |
Published On | 2024-04-18 |
Cite This | Evaluating Security and Community Health Metrics of FOSS Repositories - Niraj Salvi, Amal Thundiyil, Seema Supe, Nataasha Raul - IJFMR Volume 6, Issue 2, March-April 2024. DOI 10.36948/ijfmr.2024.v06i02.16980 |
DOI | https://doi.org/10.36948/ijfmr.2024.v06i02.16980 |
Short DOI | https://doi.org/gtrfpm |
Share this
E-ISSN 2582-2160
doi
CrossRef DOI is assigned to each research paper published in our journal.
IJFMR DOI prefix is
10.36948/ijfmr
Downloads
All research papers published on this website are licensed under Creative Commons Attribution-ShareAlike 4.0 International License, and all rights belong to their respective authors/researchers.