Open source library security rating
US11100239B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | May 6, 2019 |
| Grant date | Aug 24, 2021 |
| Priority date | — |
| Expiry date | Feb 26, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2101
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An open source library rating is generated for an open source library based on dependencies of the library, vulnerabilities of the library, an age of the library, a popularity of the library, a history of the library, or any suitable combination thereof. The rating of a specific version of a library may be generated based on a base score for all versions of the library and a version score for the specific version of the library. An authorization system receives a request from a developer to add a library to a software application. In response, the authorization system accesses a rating for the library. Based on the rating, the authorization system approves the request, denies the request, or recommends an alternative library.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.