News and Notes from the Makers of Nexus | Sonatype Blog

2017 State of the Software Supply Chain Report

Written by Wayne Jackson | July 17, 2017

We live in an application economy where software has shifted from being a driver of nominal efficiency gains to an enabler of new customer experiences and markets.

Innovation is king, speed is critical, and open source is center stage. To compete effectively on a global playing field, companies aren’t just writing software — they’re manufacturing it as fast as they can using an infinite supply of open source component parts, machine automation, and supply chain-like processes.

Today, Sonatype introduces its third annual State of the Software Supply Chain report. This year’s report blends a broad set of public and proprietary data with expert research and analysis to reveal the following:

  • An insatiable appetite for innovation is fueling the ever-expanding supply and demand of open source components
  • Components of varying quality are flowing through development lifecycles and landing in production applications
  • DevOps-native development teams are leveraging trusted software supply chains to improve quality and productivity

This year’s report has similarities to previous years, but there are three differences worth noting. First, the analysis in this year’s report extends beyond Java and includes supply chain findings for JavaScript, NuGet, Python, and Docker. Second, this year’s paper includes a stronger emphasis on the emergence of DevOps and reflects on the evolution of modern IT organizations as they seek to transform from waterfall-native to DevOps-native software development. Lastly, this year’s research delves deeper into the rapidly evolving role of regulation, legislation, and litigation with respect to open source governance and software supply chain management.

We hope you find the information in this year’s report useful and we welcome your feedback. You can download this year’s report now at www.sonatype.com/ssc2017.