“A recent analysis of nearly 1.2 million open source software projects, primarily across four major ecosystems, found that only about 11% of projects were actively maintained,” reports InfoWorld:
In its 9th Annual State of the Software Supply Chain Report, released October 3, software supply chain management company Sonatype evaluated 1,176,407 projects and reported an 18% decline in actively maintained projects this year. Only 11% of projects, or 118,028, were under active maintenance.
The report also reveals that certain new projects, not maintained in 2022, are now maintained.
The four ecosystems included JavaScript, through NPM; Java, via the Maven project management tool; Python, via the PyPI package index; and .NET, via the NuGet gallery. Some Go projects were also included. According to the report, 18.6% of Java and JavaScript projects that were maintained in 2022 are no longer maintained today.
Other interesting discoveries:
- Nearly 10% reported security breaches due to open source vulnerabilities in the past 12 months.
- The use of AI and machine learning software components in enterprise environments has jumped 135% over the last year.