Indicators for software component management

Gain visibility into code and dependencies used across your organization. This capability helps manage and secure all software components, from in-house libraries to third-party dependencies, thereby increasing the security and reliability of the development process.

Indicators

[DL.SCM.1] Use a version control system with appropriate access management
[DL.SCM.2] Keep feature branches short-lived
[DL.SCM.3] Use artifact repositories with enforced authentication and authorization
[DL.SCM.4] Grant access only to trusted repositories
[DL.SCM.5] Maintain an approved open-source software license list
[DL.SCM.6] Maintain informative repository documentation
[DL.SCM.7] Standardize vulnerability disclosure processes
[DL.SCM.8] Use a versioning specification to manage software components
[DL.SCM.9] Implement plans for deprecating and revoking outdated software components
[DL.SCM.10] Generate a comprehensive software inventory for each build

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Software component management

[DL.SCM.1] Use a version control system with appropriate access management