dependency-graph
Safeguard articles tagged "dependency-graph" — guides, analysis, and best practices for software supply chain and application security.
7 articles
SBOM-based blast radius analysis for vulnerable dependencies
An SBOM tells you what's inside one artifact. It takes a dependency graph across every service to know what breaks first when a library gets a CVE.
Transitive dependency vulnerabilities explained
A vulnerability three layers deep in your dependency graph is still your problem. Here's how transitive flaws like Log4Shell hide, spread, and get fixed.
How Snyk calculates direct versus transitive dependency v...
Snyk splits vulnerability exposure into direct and transitive dependencies using lockfile graphs, CVE version-range matching, and path-level reachability analysis.
What Is a Transitive Dependency?
A transitive dependency is code you never chose but still ship, pulled in by the libraries you did choose. Here is why indirect dependencies dominate your attack surface.
How Snyk resolves CocoaPods and Swift Package Manager dep...
How Snyk parses Podfile.lock for CocoaPods and invokes the Swift toolchain to resolve Swift Package Manager dependencies when scanning iOS codebases.
Go Dependency Visualization for Security
The Go module graph is comparatively small, which makes it one of the few ecosystems where visualizing dependencies is actually useful for security review rather than just pretty.
Dependency Graph Analysis: Finding Hidden Transitive Risks
Your project has 50 direct dependencies. It actually depends on 1,200 packages. Transitive dependency analysis is how you find the risks hiding three layers deep.