Need some dependency mgmt strategy similar to maven. However, default marks on a software app should disallow building against a version of a component with known vulnerabilities. We also need to ship software with automatic self updating properties as well as isolation (avoid depending on system version of libs) and system-wide upgrade (if one app runs and detects a newer version of a component, it notifies all other apps that use that library that an upgrade is available).
Need some dependency mgmt strategy similar to maven. However, default marks on a software app should disallow building against a version of a component with known vulnerabilities. We also need to ship software with automatic self updating properties as well as isolation (avoid depending on system version of libs) and system-wide upgrade (if one app runs and detects a newer version of a component, it notifies all other apps that use that library that an upgrade is available).
See http://www.itworld.com/article/2936575/security/software-applications-have-on-average-24-vulnerabilities-inherited-from-buggy-components.html