Report Finds Few Open Source Projects are Actively Maintained

"A recent analysis accounting for nearly 1.2 million open source software projects primarily across four major ecosystems found that only about 11% of projects were actively maintained," reports InfoWorld:In its 9th Annual State of the Software Supply Chain report, published October 3, software supply chain management company Sonatype assessed 1,176,407 projects and reported an 18% decline this year in actively maintained projects. Just 11% of projects - 118,028 - were receiving active maintenance. The report also found some new projects, unmaintained in 2022, now being maintained. The four ecosystems included JavaScript, via NPM; Java, via the Maven project management tool; Python, via the PyPI package index; and .NET, through the NuGet gallery. Some Go projects also were included. According to the report, 18.6% of Java and JavaScript projects that were being maintained in 2022 are no longer being maintained today. Other interesting findings:Nearly 10% reported security breaches due to open source vulnerabilities in the past 12 months.Use of AI and machine learning software components within corporate environments surged 135% over the last year.

Read more of this story at Slashdot.