Comparative Evaluation of Software Composition Analysis Tools in Context of Technical Debt Reduction

Document Type: Original Article

Authors

1 School of Computer Science, Canadian International College, Cairo, Egypt

2 Computer and Information System Department, School of Computer Sciences, Sadat Academy for Management Sciences, Cairo, Egypt

Abstract

The metaphor of "technical debt" is used in software engineering to describe technical solutions that may be practical in the short term but have detrimental long-term consequences. Tools for software composition analysis (SCA) are proposed to detect potential vulnerabilities introduced by open-source software (OSS) imported as third-party libraries. As software functionality becomes more complicated, SCA tools may confront various scenarios throughout the dependency resolution process, including diverse artifact formats, dependency imports, and dependency requirements. This study provides a comparative review of SCA techniques in the context of technical debt reduction, focusing on the analogous decisions and dynamics seen in systems engineering.

Keywords