DEVOPSdigest

According to the 2024 State of Open Source Report — from Perforce in collaboration with the Open Source Initiative and the Eclipse Foundation — 95% of respondents say that they have increased or maintained their use of open source in 2023 (33% of those significantly so).

Source: Perforce

As for the 5% who reduced their OSS, they were predominantly from early-stage startups. The most significant growth was reported among respondents in Latin America, Asia, Africa, and the Middle East, although all regions expanded open-source adoption.

Databases and data technologies received the most investment among all open-source software categories at 35%.

The next two largest categories are programming languages and frameworks, and cloud and container technologies, both at 31%.

Further analysis of the results revealed that it is particularly large enterprises that are investing in the latter category, while small to mid-sized firms are allocating more to data technologies.

This year, reducing cost is the top reason for choosing open source at 37%, access to functionality to improve development velocity (31%), stable technology with long-term community support (28%), and access to innovations and technologies (27%).

This shift towards cost reduction is a marked shift from previous years when this reason lagged behind those other drivers and probably reflects the economy and global instability.

Challenges

The continued skills shortage and pressurized budgets, leading to less available time and the inevitable focus on prioritizing daily firefighting, are also apparent, with 38% having challenges relating to the team's OSS skills, experience, and proficiency. Only 16% claimed not to lack open-source skills, and that response was predominantly from small organizations with under 100 employees or early-stage startups. 40% also have concerns over the lack of high-level technical support.

Organizations are taking steps to address the lack of skills, whether in-house or with help from third parties. For example, over 45% are investing in internal or external training, 38% are hiring experienced professionals, and almost 29% are hiring external contractors or consultants. Organization size (and budget) probably plays a role here, as 50% of the largest enterprises are outsourcing talent, whereas medium to large organizations prefer to provide internal or external training to address skill gaps.

Dealing with the skills gap cannot happen quickly enough, given some of the other significant challenges the survey reveals. When asked about their biggest open source support problem, 79% cited maintaining security policies and compliance, followed by staying current with updates and patches at 70%.

Open-source security tools could help alleviate some of these problems, but investment in these was only quoted by 15%, with primarily single-digit usage of the most popular open-source security tools.

EOL Software Is Still a Problem

In addition, End of Life (EOL) software is still being used extensively, and this can contribute to security issues. Unsupported EOL software that is not being patched internally or via a third party can create vulnerabilities that hackers can then exploit. 42% admit that maintaining EOL software is challenging.

That said, 40% scan open-source software for vulnerabilities, indicating that the use of open-source software is maturing.

Other examples of maturity include:

■ 37% having experts in different open-source technologies.

■ 29% contribute to open source projects or foundations, and the same percentage develop new open source software in public git repositories.

■ 21% generate software bills of materials (SBOMs).

■ 19% have a legal team familiar with open-source licensing.

So, while there are still some substantial challenges to overcome, it is encouraging to see that there is awareness of these, plus a greater appreciation of how open source has become a mainstream part of technology, increasingly an integral part of how organizations operate.