A World of Infinite Choice in Open Source Software

We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary development teams operate.

As part of the research, we identified the top 3% of DevOps teams using exemplary practices. (Take the quiz to see how your team stacks up.)

Before we could truly understand these practices, we had to have the right context. The report’s first goal was to compare the use of open source in 2019 with that of years past and to understand the broader environment developers are working in. As anticipated, open source component use continues to rocket upward.

Supply of Open Source is Massive

As the report indicates:

There are now more than 3.7 million unique Java open source software component releases in the Central Repository, 800,000 unique JavaScript packages in npm, 1.2 million unique Python component releases housed in the PyPI repository, and 1.6 million .NET component releases in the NuGet Gallery. There are also more than 2.2 million containerized applications housed in Docker Hub — up from 900,000 the previous year.

The massive supply of open source components grows with every new innovation and with the maintenance of existing components. New versions enhance features, fix bugs, and patch security issues.

Supply of Open Source is Expanding Rapidly

Sonatype’s study across several open source component ecosystems reveals that the number of releases housed within public repositories increased from 16.6 million to 28.4 million from January 2018 through today. On average, developers have had access to more than 21,448 new open source component releases every day since the beginning of 2018.

Open source growth is robust across numerous ecosystems, but npm (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Katie McCaskey. Read the original post at: https://blog.sonatype.com/a-world-of-infinite-choice-in-open-source-software