id author title date pages extension mime words sentences flesch summary cache txt

www-sonatype-com-3567 www-sonatype-com-3567 2020-09-23 44 .pdf application/pdf 17568 2994 59

The 6th Annual Report on Global Open Source Software Development growing dependence on open source and third-party software libraries. Software Supply Chain Report continues to examine compelling and measurable practices of secure open source software development and delivery. actively targeting open source software projects more than 1.5 trillion open source software components and containers for one reason: it accelerates injecting malicious code into open source projects 226 billion open source software component open source software packages over the past year. 33x more likely to be confident that OSS dependencies are secure (i.e., no known vulnerabilities) Measured as the level of confidence that applications are not using open source components with known vulnerabilities. Measured as the level of confidence that the development team is in compliance with the organization's policies regarding open source licenses. around OSS update patterns by software development teams. https://blog.sonatype.com/open-source-software-is-under-attack-new-event-stream-hack-is-latest-proof How High Performance Teams Manage Open Source Software Supply Chains

./cache/www-sonatype-com-3567.pdf ./txt/www-sonatype-com-3567.txt