Research: Usage of defective open source components has declined 63%
Sonatype has released its third annual State of the Software Supply Chain report. This report highlights safety concerns related to usage of open source components and their impacts on the software supply chain.
Organisations that are vigilant about the quality of open source components entering production applications are realising a 28% improvement in developer productivity, a 30% reduction in overall development costs, and a 48% increase in application quality. The report also noted a 63% decline in the number of defective components built by teams that used automated governance tools. By contrast, organisations that are not vigilant risk wasting time on rework and bug fixes, as well as facing liabilities around gross negligence.
The regulatory landscape is rapidly changing, with the US, the White House, four federal agencies, and the automotive industry releasing new guidelines to improve the quality, safety, and security of software supply chains in the past year.
Wayne Jackson, CEO, Sonatype, said: “Companies are no longer building software applications from scratch, they are manufacturing them as fast as they can using an infinite supply of open source component parts. However, many still rely on manual and time-consuming governance and security practices instead of embracing DevOps-native automation. Our research continues to show that development teams managing trusted software supply chains are dramatically improving quality and productivity.”
Mark Driver, Felix Gaehtgens, Mark O’Neill, Gartner, said: “By 2020, 50% of organisations will have suffered damage caused by failing to manage trust in their, or their partners’, SDLC – causing revenue loss of more than 15%. Application leaders responsible for modernizing application development should re-evaluate the SDLC in the form of a trusted software supply chain, with varied levels of trust.”