News Releases

Software Developers Embracing Open Source but with Few Corporate Controls

Silver Spring, MD

Published: February 01, 2011 08:00

Sonatype, the company that is transforming software development, today announced the findings from its annual Software Development Infrastructure survey. The study, based on detailed answers from more than 1,600 software developers, architects and managers across all industries, company sizes and geographic regions, identified two important issues for corporate software development organizations.

The study found that while open source development infrastructure is widely adopted, integration issues limit developer productivity and team efficiency. Open source components are also widely used as building blocks for software development, but corporations have only limited control over how they are selected or utilized.

Development Organizations Standardize on Open Source Infrastructure, Integration Issues Persist

According to the survey, open source development infrastructure is rapidly becoming the standard, with 83 percent of respondents stating that tools such as Maven, Maven Central, Nexus, Hudson and Eclipse are widely used in their environments. Using open source infrastructure helps to improve productivity and reduce costs, but developers cite the lack of tool integration as their biggest challenge. Key findings include:

  • Nearly 50% have already standardized on open source tooling
  • An additional 27% say its widely used, though not yet a corporate standard
  • 65% say nothing stands in the way of adopting open source development infrastructure
  • 56% say lack of integration between tools is their biggest complaint with their development infrastructure
  • An additional 25% say their tools are not well integrated with the Eclipse IDE
Despite Widespread Use, 87% of Organizations Exert Little Control over the Use of Open Source Components

Each month, more than 40,000 organizations, including more than half of the Global 2,000, access Maven Central, the primary cloud-based repository for open source components. With many large enterprises downloading more than 100,000 components each month, open source components have become critical building blocks in software development initiatives. However, corporations lack visibility into component selection, deployment, standardization and change management. Key findings include:

  • 87% of survey respondents are not subject to corporate governance of the software artifacts they use
    • Nearly 42% have no corporate standards
    • Over 45% say they have standards, but they are not enforced
  • No best practice has emerged for component selection with 35% of respondents noting that they ‘search the web’ and 23% ‘rely on the advice of colleagues’ to find appropriate artifacts.
  • Developers report they lack a simple way to determine if a component that is in use has changed in an important way, such as a new version release or the discovery of a security flaw or defect. Most report that they either have ‘no easy way’ to learn of changes or that they find out via ‘web sources.’

“Our survey results confirm what we’ve been hearing from our customers for some time,” said Charles Gold, chief marketing officer at Sonatype. “Enterprise adoption is there, in fact, it’s huge. The real issue is how to maximize productivity and reuse without incurring unnecessary risk. This is our focus at Sonatype.”

To see the full survey results please visit: