Linux Foundation Report Spotlights Open Source Software Package Challenges
DevOps.com, Friday, December 6th, 2024
The Linux Foundation, in collaboration with the Laboratory for Innovation Science at Harvard and multiple providers of software composition analysis (SCA), published a study this week that, in addition to identifying the most widely used software packages, also shone a light on fundamental challenges the open source community needs to address.
Based on more than 12 million observations of software libraries, the 'Census III of Free and Open Source Software - Application Libraries' report concludes that 96% of code bases are making use of some type of open source software, with the most widely used npm packages being react-dom, react, lodash, axios and express.
Each package analyzed was ranked based on insights pulled from SCA tools provided by Black Duck, FOSSA, Snyk and Sonatype, as well as additional manual audits of software conducted by volunteers.