It’s no news that many developers rely on dependencies to build software because it saves them the time, cost, and energy of writing new codes. Yet, we cannot ignore that open-source software has its disadvantages and exposes us to vulnerabilities, especially