About the Report
About the Analysis
Each year, the State of the Software Supply Chain report is a labor of love. It is produced to shed light on the patterns and practices associated with open source, development and the evolution of software supply chain management practices.
The report is made possible thanks to a tremendous effort put forth by many team members at Sonatype, including Aaron Linskens, Alli VanKanegan, Anna Hubbard, Ax Sharma, Brian Fox, Bruce Mayhew, Eddie Knight, Elissa Walters, Ember DeBoer, Ilkka Turunen, Jeff Wayman, Juan Morales, Leina Sanchez, Maury Cupitt, Mitchell Johnson, Nicole Lavella, Stephen Magill, PhD, Steve Poole, Tara Condon, Tiffany Jennings, Todd Baseden, Vlad Drobinin, PhD and Wayne Jackson.
We would also like to thank our many colleagues across the DevOps and open source development community for their contributions, big and small, and for sharing their perspectives.
Another very special thank you goes out to Alli VanKanegan and Leina Sanchez, who created the incredible design for this year's report.
Sonatype is the software supply chain management company. Recognized by globally renowned analysts as a leader in the industry, Sonatype enables organizations to innovate faster in a highly competitive market. We allow engineers to develop software fearlessly and focus on building products that power businesses. Sonatype researchers have analyzed more than 120 million open source components – 40x more than its competitors – and the Sonatype platform has automatically blocked over 245,000 malicious components from entering developers’ code. Enabling high-quality, secure software helps organizations meet their business needs and those of their customers and partners. More than 2,000 organizations, including 70% of the Fortune 100 and 15 million software developers, rely on our tools and guidance to be ambitious, move fast and do it securely. To learn more about Sonatype, please visit www.sonatype.com.