II.
LibraryProcess JSON
Structured · live · lib-process:security-compliance--sca-dependency-management
sca-dependency-management json
Inspect the normalized record payload exactly as the atlas UI reads it.
{
"id": "lib-process:security-compliance--sca-dependency-management",
"_kind": "LibraryProcess",
"_file": "generated-library/processes.yaml",
"_cluster": "generated-library",
"attributes": {
"displayName": "sca-dependency-management",
"description": "Software Composition Analysis (SCA) and Dependency Management - Comprehensive SCA framework covering\nvulnerability scanning, CVE monitoring, SBOM generation, automated dependency updates, license compliance verification,\nsupply chain risk assessment, and integration with security tools like Snyk, Dependabot, OWASP Dependency-Check,\nand Trivy for complete software supply chain security.",
"libraryPath": "library/specializations/security-compliance/sca-dependency-management.js",
"specialization": "security-compliance",
"references": [
"- OWASP Dependency-Check: https://owasp.org/www-project-dependency-check/\n- Snyk Documentation: https://docs.snyk.io/\n- GitHub Dependabot: https://docs.github.com/en/code-security/dependabot\n- CycloneDX SBOM Standard: https://cyclonedx.org/\n- SPDX: https://spdx.dev/\n- NIST SSDF: https://csrc.nist.gov/Projects/ssdf\n- SLSA Framework: https://slsa.dev/"
],
"example": "const result = await orchestrate('specializations/security-compliance/sca-dependency-management', {\n projectName: 'E-Commerce Platform',\n repositoryUrl: 'https://github.com/org/ecommerce-platform',\n packageManagers: ['npm', 'maven', 'pip'],\n scaTools: ['snyk', 'dependabot', 'trivy', 'owasp-dependency-check'],\n licensePolicies: {\n allowed: ['MIT', 'Apache-2.0', 'BSD-3-Clause'],\n denied: ['GPL-3.0', 'AGPL-3.0'],\n reviewRequired: ['LGPL-2.1']\n },\n severityThreshold: 'high',\n automatedUpdates: true,\n sbomFormat: 'cyclonedx',\n cicdIntegration: true,\n supplyChainSecurity: true\n});",
"usesAgents": [
"dependency-analyzer",
"vulnerability-aggregator",
"sbom-generator",
"license-compliance-analyst",
"supply-chain-analyst",
"sca-tool-configurator",
"update-strategy-designer",
"remediation-planner",
"cicd-integration-specialist",
"compliance-reporter"
],
"usesSkills": [
"dependency-scanner"
]
},
"outgoingEdges": [
{
"from": "lib-process:security-compliance--sca-dependency-management",
"to": "domain:security",
"kind": "lib_applies_to_domain",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--sca-dependency-management",
"to": "workflow:vulnerability-management",
"kind": "lib_implements_workflow",
"attributes": {
"weight": 1
}
},
{
"from": "lib-process:security-compliance--sca-dependency-management",
"to": "specialization:security-compliance",
"kind": "lib_belongs_to_specialization",
"attributes": {
"weight": 0.9
}
},
{
"from": "lib-process:security-compliance--sca-dependency-management",
"to": "lib-agent:supply-chain--supply-chain-analyst",
"kind": "uses_agent",
"attributes": {
"weight": 0.8
}
},
{
"from": "lib-process:security-compliance--sca-dependency-management",
"to": "lib-skill:security-compliance--dependency-scanner",
"kind": "uses_skill",
"attributes": {
"weight": 0.8
}
}
],
"incomingEdges": []
}