NORMA eResearch @NCI Library

Distributed Software Dependency Management Using Blockchain

D’mello, Gavin and González-Vélez, Horacio (2019) Distributed Software Dependency Management Using Blockchain. In: 2019 27th Euromicro International Conference on Parallel, Distributed and Network-Based Processing (PDP). IEEE, pp. 132-139. ISBN 9781728116440

Full text not available from this repository.
Official URL:


Contemporary software deployments rely on cloud-based package managers for installation, where existing packages are installed on demand from remote code repositories. Usually frameworks or common utilities, packages increase the code reusability within the ecosystem, whilst keeping the code base small. However, disruptions in the package management services can potentially affect development and deployment workflows. Furthermore, cloud package managers have arguably an ambiguous ownership model and offer limited visibility of packages to the users. This work describes the development of a blockchain-based package control system which is decentralised, reliable, and transparent. Blockchain nodes are installed within the distributed infrastructure to provide immutability, and then a dependency graph is constructed with the help of smart contracts to trace the software provenance. Our system has been successfully tested with 4338 packages from NPM, 950 out of which are the top depended-upon packages.

Item Type: Book Section
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software
T Technology > T Technology (General) > Information Technology > Computer software
Divisions: School of Computing > Staff Research and Publications
Depositing User: Caoimhe Ní Mhaicín
Date Deposited: 28 Mar 2019 13:38
Last Modified: 28 Mar 2019 13:58

Actions (login required)

View Item View Item