Automatic application of software patches to software associated with container images based upon image relationships in a dependency tree. The computing device determines whether software associated with a base container image requires software patches. The computing device accesses dependency trees maintaining image relationships between the base container image and dependent container images. The computing device determines based upon the accessed one or more dependency trees whether the base container image has dependent container images derived from the base container image. The computing device applies software patches to the software associated with the base container image. The computing device rebuilds the base container image with the applied software patches. The computing device then rebuilds the dependent container images dependent upon the rebuilt base container image.

A recording medium stores a program for generating a source code that indicates processing on a sparse matrix and for causing a computer to execute a process including: acquiring second codes by optimizing, with a convex polyhedral model, a first code in which loop processing on a matrix is written in a static control part format; converting the second codes into source code candidates, based on sparse matrix information that indicates a variable that represents a non-zero element of the sparse matrix, expression information that indicates an operation expression that corresponds to a function included in the second codes, and data type information that indicates a type to be used for the variable; and selecting the source code from among the source code candidates in accordance with evaluation of processing performance for the sparse matrix in a case where each of the source code candidates is used.

A system configured for identifying unpermitted data in source code receives a search query comprising particular keywords related to the unpermitted data. The system labels the source code with vulnerability factors and categories of those vulnerability factors, where the vulnerability factors indicate a security vulnerability and the categories provide information about the security vulnerability of the source code. The system performs a static analysis on the source code to identify instances of the particular keyword in a data flow and control flow of the source code. The system performs a vulnerability analysis on the source code to determine a vulnerability level of the source code, in which factor weights and category weights for each code portion of the source code are determined. The system calculates a weighted sum of the factor weights and category weights for each code portion, thereby detecting instances of unpermitted data in source code.

The correct clusters of operating system (OS) components to package for hydration to client devices is learned through analyzing telemetry data of numerous end devices. The telemetry data captures snapshots of the OS components that were used or loaded by the end devices during runs of different applications. An OS component service mines this telemetry data and compares the frequency in which pairs of OS components are used by the end devices together during the different applications runs. Using on these frequencies, the OS components are filtered in a relationship graph and an clustering algorithm is applied to determine whether the OS components are interdependent (meaning used together) or independent (meaning not used together). Interdependent OS components are packaged together into a hydration package and may be transmitted to client computing devices requesting any of their constituent OS components.

Techniques for intent-based governance are described. For example, in some instances a method of receiving an indication of a change involving of one or more of code, a policy, a network configuration, or a governance requirement rule impacting a resource in a provider network for an account that is to be analyzed using one or more governance requirement rules; determining one or more governance requirement rules to evaluate for compliance after the update; evaluating the determined one or more governance requirement rules for compliance using one or more reasoning engines according to one or more policies; and making a result of the evaluating available to a user provides such governance.

Apparatuses, systems, and techniques to facilitate execution graph synchronization. In at least one embodiment, an application programming interface comprising one or more parameters is used to create dependencies between graph code nodes and one or more software routines.

Systems and methods are disclosed for reducing latency and power consumption of on-chip movement through an approximate communication framework for network-on-chips (“NoCs”). The technology leverages the fact that big data applications (e.g., recognition, mining, and synthesis) can tolerate modest error and transfers data with the necessary accuracy, thereby improving the energy-efficiency and performance of multi-core processors.

A system for determining a dependency task tree includes an interface and a processor. The interface is configured to receive a task list. The task list is associated with compiling, testing, packaging, and/or deploying a program. The processor is configured to determine a dependency task tree. The dependency task tree includes all tasks in the task list and all prerequisite tasks for each task in the task list and provides the dependency task tree. The interface is configured to receive the dependency task tree. The processor is configured to determine a set of tasks such that a task of the set of tasks does not depend on any other task; add the set of tasks to a task queue; in response to determining that all dependencies of the dependent task are completed; and continue executing tasks from the task queue until all tasks in the dependency task tree are completed.

A method for presenting an associated conflict block comprises obtaining a first conflict file comprising a plurality of first code blocks, wherein a second code block of the first code blocks comprises a first code snippet of a current version of the second code block, a second code snippet of a basic version of the second code block, and a third code snippet of a to-be-merged version of the second code block. A first instruction triggered on a user interface for activating a to-be-processed code block is received, wherein a first type of the to-be-processed code block is of an unresolved conflict block or a single-side change block. A fourth code snippet comprised in the to-be-processed code block and indexes of N associated code blocks of the to-be-processed code block is presented on the user interface.

According to an aspect of an embodiment, operations may include receiving an ML project including a data-frame and an ML pipeline including a plurality of code statements associated with a plurality of features corresponding to the ML project. The operations may further include determining one or more atomic steps corresponding to the ML pipeline to determine an atomized ML pipeline. The operations may further include instrumenting the atomized ML pipeline to determine an instrumented ML pipeline including one or more operations corresponding to the ML project. The operations may further include executing the instrumented ML pipeline to capture one or more data-frame snapshots based on each of the one or more operations. The operations may further include constructing a feature provenance graph (FPG). The operations may further include identifying one or more discarded features, from the plurality of features corresponding to the ML project, based on the constructed FPG.