Third-party component management

To mitigate the security risks of third-party components, the team defines a process for evaluating them. However, the CTO found that manually inspecting open source licenses to collect the related information took a lot of effort, and that the team made mistakes along the way, such as leaving information out or entering data incorrectly. The CTO met with the security team to discuss whether the process could be automated: scanning the whole project and generating a license identity, along with the other related information, for each component. The stages and key activities of this review are shown in the following table:
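The two error classes the CTO describes, missing license information and incorrectly entered data, are exactly what an automated scan catches well. The following script is an added example, not code from the book or its authors: it reads a constructed dependency manifest (a JSON list of components with name, version and declared license), normalises each declared license to an SPDX identifier, and flags components whose license is missing, unrecognised, or outside an assumed policy allow-list. The manifest format, the alias table and the allow-list are all assumptions chosen for the example.

```python
"""Automated license inventory for third-party components (added example).

Scans a constructed dependency manifest, normalises each declared license to
an SPDX identifier, and flags the two error classes named in the text:
missing license information and incorrectly entered license names.
"""
import json
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption: the team's policy permits these SPDX identifiers (constructed list).
ALLOWED_SPDX = {"MIT", "Apache-2.0", "BSD-3-Clause", "ISC"}

# Free-text spellings commonly seen in package metadata, mapped to SPDX
# identifiers. Constructed and deliberately not exhaustive.
LICENSE_ALIASES = {
    "mit": "MIT",
    "mit license": "MIT",
    "apache-2.0": "Apache-2.0",
    "apache 2.0": "Apache-2.0",
    "apache license 2.0": "Apache-2.0",
    "bsd-3-clause": "BSD-3-Clause",
    "new bsd": "BSD-3-Clause",
    "isc": "ISC",
    "gpl-3.0": "GPL-3.0-only",
    "gplv3": "GPL-3.0-only",
}


@dataclass
class Finding:
    component: str
    version: str
    issue: str  # "missing" | "unrecognised" | "not-allowed"
    raw_license: Optional[str] = None


def normalise_license(raw: Optional[str]) -> Optional[str]:
    """Return the SPDX id for a declared license string, or None if unrecognised."""
    if raw is None:
        return None
    key = re.sub(r"\s+", " ", raw.strip()).lower()
    return LICENSE_ALIASES.get(key)


def scan_manifest(manifest_json: str) -> Tuple[List[dict], List[Finding]]:
    """Build the per-component license inventory and the list of findings.

    manifest_json: JSON text shaped as {"components": [{"name", "version", "license"}]}
    (an assumed format for this example). Returns (inventory, findings).
    """
    data = json.loads(manifest_json)
    inventory, findings = [], []
    for comp in data.get("components", []):
        name = comp.get("name", "<unnamed>")
        version = comp.get("version", "<unknown>")
        raw = comp.get("license")
        spdx = None
        if raw is None or not str(raw).strip():
            # Information went missing: no license declared at all.
            findings.append(Finding(name, version, "missing", raw))
        else:
            spdx = normalise_license(str(raw))
            if spdx is None:
                # Incorrectly entered data: the string matches no known license.
                findings.append(Finding(name, version, "unrecognised", raw))
            elif spdx not in ALLOWED_SPDX:
                findings.append(Finding(name, version, "not-allowed", raw))
        inventory.append({"name": name, "version": version,
                          "declared": raw, "spdx": spdx})
    return inventory, findings


# Constructed sample manifest; component names are invented for the example.
SAMPLE_MANIFEST = json.dumps({"components": [
    {"name": "example-utils", "version": "1.3.0", "license": "MIT"},
    {"name": "example-json", "version": "2.1.0", "license": "Apache License 2.0"},
    {"name": "example-mystery", "version": "0.9.1"},
    {"name": "example-copyleft", "version": "3.2.0", "license": "GPLv3"},
    {"name": "example-typo", "version": "1.0.0", "license": "Apche 2"},
]})


def summarise(manifest_json: str = SAMPLE_MANIFEST) -> dict:
    """Count findings by issue type so the review can track them over time."""
    _, findings = scan_manifest(manifest_json)
    counts = {"missing": 0, "unrecognised": 0, "not-allowed": 0}
    for f in findings:
        counts[f.issue] += 1
    return counts


if __name__ == "__main__":
    inventory, findings = scan_manifest(SAMPLE_MANIFEST)
    for row in inventory:
        print(f"{row['name']}=={row['version']}: declared={row['declared']!r} spdx={row['spdx']}")
    for f in findings:
        print(f"FINDING {f.issue}: {f.component} {f.version} ({f.raw_license!r})")
    print(summarise())
```

Running the inventory in CI, rather than by hand, makes the "missing" and "unrecognised" counts visible on every build, and the alias table can be grown as the team meets new spellings instead of relying on someone to remember them.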

Stages | Key activities ...
