How Defender works

Identifying dependency issues in multiple software communities

It keeps monitoring library updates on PyPI on a daily basis for Python projects, and performs static analysis to identify dependency issues for Java projects (multiple scenarios).

Diagnosing the root causes of dependency issues

Based on issue manifestations, it diagnoses their root causes and analyzes the damage of issues that are introduced into the projects.

Generating suggestions for fixing dependency issues

It customizes fixing patches to automatically solve dependency issues.

Analyzing the issues’ impacts on the overall software ecosystem

It identifies all the downstream projects potentially affected by the dependency issues.

Features

Performing a holistic analysis for the entire software ecosystem

It performs a holistic analysis from the perspective of entire software ecosystem to continuously monitor dependency conflicts for millions of libraries.

Simulating the process of installing dependencies

It constructs a formal model that simulates the process of installing dependencies for the library version.

Submitting the issue reports and PRs automatically

It works as a set of bots on GitHub, which automatically submits the issue reports and PRs to warn the projects against dependency issues.

Providing self-diagnosis service

It provides the self-diagnosis service for users to analyze the dependency conflicts in their projects.

Automated Dependency Diagnosis

Building a healthy open-source software ecosystem