公开(公告)号：US11204983B2

公开(公告)日：2021-12-21

申请号：US16727241

申请日：2019-12-26

Applicant: salesforce.com, inc.

Inventor： Prashanth Kannan ,  Bharat Ramakrishnan Srinivasan

IPC: G06F21/12 ,  G06F21/54 ,  G06F8/73

Abstract: Techniques are disclosed for determining whether to permit distribution of a software package—for example, via an application exchange service of a cloud computer system. The computer system may calculate a risk score for the software package based on various factors, including package metadata that specifies one of a plurality of package types supported by the application exchange service. The specified package type may be indicative of an amount of developer control on the software package after distribution. Based on comparing the calculated risk score to a risk threshold, the computer system may determine whether to permit distribution of the software package via the application exchange service. Scoring software packages based on package metadata may reduce the number of packages requiring manual review, which may advantageously reduce an amount of time between package development and deployment.

公开(公告)号：US20210200840A1

公开(公告)日：2021-07-01

申请号：US16727241

申请日：2019-12-26

Applicant: salesforce.com, inc.

Inventor： Prashanth Kannan ,  Bharat Ramakrishnan Srinivasan

IPC: G06F21/12 ,  G06F21/54 ,  G06F8/73

Abstract: Techniques are disclosed for determining whether to permit distribution of a software package—for example, via an application exchange service of a cloud computer system. The computer system may calculate a risk score for the software package based on various factors, including package metadata that specifies one of a plurality of package types supported by the application exchange service. The specified package type may be indicative of an amount of developer control on the software package after distribution. Based on comparing the calculated risk score to a risk threshold, the computer system may determine whether to permit distribution of the software package via the application exchange service. Scoring software packages based on package metadata may reduce the number of packages requiring manual review, which may advantageously reduce an amount of time between package development and deployment.