id sid tid token lemma pos www-sonatype-com-3567 1 1 The the DT www-sonatype-com-3567 1 2 6th 6th JJ www-sonatype-com-3567 1 3 Annual Annual NNP www-sonatype-com-3567 1 4 Report Report NNP www-sonatype-com-3567 1 5 on on IN www-sonatype-com-3567 1 6 Global Global NNP www-sonatype-com-3567 1 7 Open Open NNP www-sonatype-com-3567 1 8 Source source NN www-sonatype-com-3567 1 9 Software Software NNP www-sonatype-com-3567 1 10 Development Development NNP www-sonatype-com-3567 1 11 Stateof Stateof NNP www-sonatype-com-3567 1 12 the the DT www-sonatype-com-3567 1 13 2020 2020 CD www-sonatype-com-3567 1 14 Software Software NNP www-sonatype-com-3567 1 15 Supply Supply NNP www-sonatype-com-3567 1 16 Chain Chain NNP www-sonatype-com-3567 1 17 IN in IN www-sonatype-com-3567 1 18 PARTNERSHIP PARTNERSHIP NNP www-sonatype-com-3567 1 19 WITHPRESENTED withpresente VBD www-sonatype-com-3567 1 20 BY by IN www-sonatype-com-3567 1 21 Contents content NNS www-sonatype-com-3567 1 22 Introduction introduction NN www-sonatype-com-3567 1 23 ............................................................ ............................................................ . www-sonatype-com-3567 1 24 4 4 CD www-sonatype-com-3567 1 25 C c NN www-sonatype-com-3567 1 26 H h NN www-sonatype-com-3567 1 27 A a NN www-sonatype-com-3567 1 28 P p NN www-sonatype-com-3567 1 29 T t NN www-sonatype-com-3567 1 30 E e NN www-sonatype-com-3567 1 31 R r NN www-sonatype-com-3567 1 32 1 1 CD www-sonatype-com-3567 1 33 Open open JJ www-sonatype-com-3567 1 34 Season season NN www-sonatype-com-3567 1 35 on on IN www-sonatype-com-3567 1 36 Open Open NNP www-sonatype-com-3567 1 37 Source source NN www-sonatype-com-3567 1 38 ..................... ..................... 
NFP www-sonatype-com-3567 1 39 5 5 CD www-sonatype-com-3567 1 40 Software Software NNP www-sonatype-com-3567 1 41 Supply supply NN www-sonatype-com-3567 1 42 Chain chain NN www-sonatype-com-3567 1 43 Attacks Attacks NNPS www-sonatype-com-3567 1 44 : : : www-sonatype-com-3567 1 45 Past past NN www-sonatype-com-3567 1 46 and and CC www-sonatype-com-3567 1 47 Future future NN www-sonatype-com-3567 1 48 .............................................................. .............................................................. NFP www-sonatype-com-3567 1 49 6 6 CD www-sonatype-com-3567 1 50 Rise rise NN www-sonatype-com-3567 1 51 of of IN www-sonatype-com-3567 1 52 Next next JJ www-sonatype-com-3567 1 53 - - HYPH www-sonatype-com-3567 1 54 Gen Gen NNP www-sonatype-com-3567 1 55 Software Software NNP www-sonatype-com-3567 1 56 Supply Supply NNP www-sonatype-com-3567 1 57 Chain Chain NNP www-sonatype-com-3567 1 58 Attacks attack NNS www-sonatype-com-3567 1 59 ( ( -LRB- www-sonatype-com-3567 1 60 2015 2015 CD www-sonatype-com-3567 1 61 - - SYM www-sonatype-com-3567 1 62 2020 2020 CD www-sonatype-com-3567 1 63 ) ) -RRB- www-sonatype-com-3567 1 64 ......................................... ......................................... NFP www-sonatype-com-3567 1 65 7 7 CD www-sonatype-com-3567 1 66 Speed speed NN www-sonatype-com-3567 1 67 Remains remain VBZ www-sonatype-com-3567 1 68 Critical critical JJ www-sonatype-com-3567 1 69 When when WRB www-sonatype-com-3567 1 70 Responding respond VBG www-sonatype-com-3567 1 71 to to IN www-sonatype-com-3567 1 72 Legacy Legacy NNP www-sonatype-com-3567 1 73 Software Software NNP www-sonatype-com-3567 1 74 Supply Supply NNP www-sonatype-com-3567 1 75 Chain Chain NNP www-sonatype-com-3567 1 76 Attacks attack NNS www-sonatype-com-3567 1 77 ................................................. ................................................. 
NFP www-sonatype-com-3567 1 78 10 10 CD www-sonatype-com-3567 1 79 C c NN www-sonatype-com-3567 1 80 H h NN www-sonatype-com-3567 1 81 A a NN www-sonatype-com-3567 1 82 P p NN www-sonatype-com-3567 1 83 T t NN www-sonatype-com-3567 1 84 E e NN www-sonatype-com-3567 1 85 R r NN www-sonatype-com-3567 1 86 2 2 CD www-sonatype-com-3567 1 87 Open open JJ www-sonatype-com-3567 1 88 Source source NN www-sonatype-com-3567 1 89 : : : www-sonatype-com-3567 1 90 Supply supply NN www-sonatype-com-3567 1 91 and and CC www-sonatype-com-3567 1 92 Demand demand NN www-sonatype-com-3567 1 93 ........... ........... NFP www-sonatype-com-3567 1 94 12 12 CD www-sonatype-com-3567 1 95 JavaScript JavaScript NNP www-sonatype-com-3567 1 96 ........................................................................ ........................................................................ CD www-sonatype-com-3567 1 97 13 13 CD www-sonatype-com-3567 1 98 Java Java NNP www-sonatype-com-3567 1 99 ................................................................................... ................................................................................... NFP www-sonatype-com-3567 1 100 14 14 CD www-sonatype-com-3567 1 101 .NET .NET NNP www-sonatype-com-3567 1 102 ................................................................................... ................................................................................... NFP www-sonatype-com-3567 1 103 14 14 CD www-sonatype-com-3567 1 104 DockerHub dockerhub NN www-sonatype-com-3567 1 105 .................................................................... .................................................................... 
NFP www-sonatype-com-3567 1 106 14 14 CD www-sonatype-com-3567 1 107 C c NN www-sonatype-com-3567 1 108 H h NN www-sonatype-com-3567 1 109 A a NN www-sonatype-com-3567 1 110 P p NN www-sonatype-com-3567 1 111 T t NN www-sonatype-com-3567 1 112 E e NN www-sonatype-com-3567 1 113 R r NN www-sonatype-com-3567 1 114 3 3 CD www-sonatype-com-3567 1 115 Identifying identify VBG www-sonatype-com-3567 1 116 Exemplary Exemplary NNP www-sonatype-com-3567 1 117 Open Open NNP www-sonatype-com-3567 1 118 Source Source NNP www-sonatype-com-3567 1 119 Suppliers Suppliers NNPS www-sonatype-com-3567 1 120 ................................... ................................... NFP www-sonatype-com-3567 1 121 15 15 CD www-sonatype-com-3567 1 122 Researching research VBG www-sonatype-com-3567 1 123 the the DT www-sonatype-com-3567 1 124 Best good JJS www-sonatype-com-3567 1 125 Performing Performing NNP www-sonatype-com-3567 1 126 OSS oss NN www-sonatype-com-3567 1 127 Projects Projects NNPS www-sonatype-com-3567 1 128 ........................................... ........................................... NFP www-sonatype-com-3567 1 129 16 16 CD www-sonatype-com-3567 1 130 Finding find VBG www-sonatype-com-3567 1 131 Different different JJ www-sonatype-com-3567 1 132 Behavioral Behavioral NNP www-sonatype-com-3567 1 133 Groups Groups NNPS www-sonatype-com-3567 1 134 .................... .................... NFP www-sonatype-com-3567 1 135 16 16 CD www-sonatype-com-3567 1 136 Exemplars exemplar NNS www-sonatype-com-3567 1 137 ........................................................................ ........................................................................ CD www-sonatype-com-3567 1 138 16 16 CD www-sonatype-com-3567 1 139 Laggards Laggards NNPS www-sonatype-com-3567 1 140 .......................................................................... .......................................................................... 
NFP www-sonatype-com-3567 1 141 17 17 CD www-sonatype-com-3567 1 142 Cautious cautious JJ www-sonatype-com-3567 1 143 Teams Teams NNPS www-sonatype-com-3567 1 144 ............................................................. ............................................................. NFP www-sonatype-com-3567 1 145 17 17 CD www-sonatype-com-3567 1 146 Projects project NNS www-sonatype-com-3567 1 147 with with IN www-sonatype-com-3567 1 148 Updated updated JJ www-sonatype-com-3567 1 149 Dependencies dependency NNS www-sonatype-com-3567 1 150 Are be VBP www-sonatype-com-3567 1 151 More more RBR www-sonatype-com-3567 1 152 Secure secure JJ www-sonatype-com-3567 1 153 ........................... ........................... NFP www-sonatype-com-3567 1 154 18 18 CD www-sonatype-com-3567 1 155 Guidance guidance NN www-sonatype-com-3567 1 156 for for IN www-sonatype-com-3567 1 157 Open Open NNP www-sonatype-com-3567 1 158 Source Source NNP www-sonatype-com-3567 1 159 Project Project NNP www-sonatype-com-3567 1 160 Owners Owners NNPS www-sonatype-com-3567 1 161 and and CC www-sonatype-com-3567 1 162 Contributors Contributors NNPS www-sonatype-com-3567 1 163 .......................... .......................... NFP www-sonatype-com-3567 1 164 19 19 CD www-sonatype-com-3567 1 165 Guidance guidance NN www-sonatype-com-3567 1 166 for for IN www-sonatype-com-3567 1 167 Enterprise Enterprise NNP www-sonatype-com-3567 1 168 Development Development NNP www-sonatype-com-3567 1 169 Teams Teams NNPS www-sonatype-com-3567 1 170 ................................................... ................................................... . 
www-sonatype-com-3567 1 171 19 19 CD www-sonatype-com-3567 1 172 C c NN www-sonatype-com-3567 1 173 H h NN www-sonatype-com-3567 1 174 A a NN www-sonatype-com-3567 1 175 P p NN www-sonatype-com-3567 1 176 T t NN www-sonatype-com-3567 1 177 E e NN www-sonatype-com-3567 1 178 R r NN www-sonatype-com-3567 1 179 4 4 CD www-sonatype-com-3567 1 180 How how WRB www-sonatype-com-3567 1 181 High high JJ www-sonatype-com-3567 1 182 Performance performance NN www-sonatype-com-3567 1 183 Teams team NNS www-sonatype-com-3567 1 184 Manage manage VBP www-sonatype-com-3567 1 185 Open open JJ www-sonatype-com-3567 1 186 Source source NN www-sonatype-com-3567 1 187 Software Software NNP www-sonatype-com-3567 1 188 Supply Supply NNP www-sonatype-com-3567 1 189 Chains chain NNS www-sonatype-com-3567 1 190 ............................... ............................... NFP www-sonatype-com-3567 1 191 20 20 CD www-sonatype-com-3567 1 192 Survey survey NN www-sonatype-com-3567 1 193 of of IN www-sonatype-com-3567 1 194 Open Open NNP www-sonatype-com-3567 1 195 Source Source NNP www-sonatype-com-3567 1 196 Management Management NNP www-sonatype-com-3567 1 197 Practices Practices NNPS www-sonatype-com-3567 1 198 .............................................. .............................................. NFP www-sonatype-com-3567 1 199 21 21 CD www-sonatype-com-3567 1 200 Comparing compare VBG www-sonatype-com-3567 1 201 High High NNP www-sonatype-com-3567 1 202 Performers Performers NNPS www-sonatype-com-3567 1 203 vs. vs. IN www-sonatype-com-3567 1 204 Low Low NNP www-sonatype-com-3567 1 205 Performers Performers NNPS www-sonatype-com-3567 1 206 ...................................................... ...................................................... NFP www-sonatype-com-3567 1 207 23 23 CD www-sonatype-com-3567 1 208 Comparing compare VBG www-sonatype-com-3567 1 209 High High NNP www-sonatype-com-3567 1 210 Performers Performers NNPS www-sonatype-com-3567 1 211 vs. vs. 
IN www-sonatype-com-3567 1 212 Security Security NNP www-sonatype-com-3567 1 213 First First NNP www-sonatype-com-3567 1 214 .......................................................... .......................................................... NFP www-sonatype-com-3567 1 215 23 23 CD www-sonatype-com-3567 1 216 Variables variable NNS www-sonatype-com-3567 1 217 Most Most JJS www-sonatype-com-3567 1 218 Impacting Impacting NNP www-sonatype-com-3567 1 219 Performance Performance NNP www-sonatype-com-3567 1 220 and and CC www-sonatype-com-3567 1 221 Risk Risk NNP www-sonatype-com-3567 1 222 Management Management NNP www-sonatype-com-3567 1 223 ................... ................... NFP www-sonatype-com-3567 1 224 24 24 CD www-sonatype-com-3567 1 225 Influencing Influencing NNP www-sonatype-com-3567 1 226 Risk Risk NNP www-sonatype-com-3567 1 227 Management Management NNP www-sonatype-com-3567 1 228 Outcomes Outcomes NNP www-sonatype-com-3567 1 229 ........... ........... NFP www-sonatype-com-3567 1 230 24 24 CD www-sonatype-com-3567 1 231 Influencing Influencing NNP www-sonatype-com-3567 1 232 Productivity Productivity NNP www-sonatype-com-3567 1 233 Outcomes Outcomes NNP www-sonatype-com-3567 1 234 ....................... ....................... NFP www-sonatype-com-3567 1 235 26 26 CD www-sonatype-com-3567 1 236 Influencing Influencing NNP www-sonatype-com-3567 1 237 Job Job NNP www-sonatype-com-3567 1 238 Satisfaction satisfaction NN www-sonatype-com-3567 1 239 ..................................... ..................................... . www-sonatype-com-3567 1 240 27 27 CD www-sonatype-com-3567 1 241 Guidance guidance NN www-sonatype-com-3567 1 242 for for IN www-sonatype-com-3567 1 243 Enterprise Enterprise NNP www-sonatype-com-3567 1 244 Development Development NNP www-sonatype-com-3567 1 245 Teams Teams NNPS www-sonatype-com-3567 1 246 .................................................. .................................................. 
NFP www-sonatype-com-3567 1 247 27 27 CD www-sonatype-com-3567 1 248 Patterns Patterns NNPS www-sonatype-com-3567 1 249 Across across IN www-sonatype-com-3567 1 250 OSS OSS NNP www-sonatype-com-3567 1 251 Component component NN www-sonatype-com-3567 1 252 Updates Updates NNPS www-sonatype-com-3567 1 253 : : : www-sonatype-com-3567 1 254 Easy easy JJ www-sonatype-com-3567 1 255 , , , www-sonatype-com-3567 1 256 Difficult difficult JJ www-sonatype-com-3567 1 257 , , , www-sonatype-com-3567 1 258 and and CC www-sonatype-com-3567 1 259 Planned plan VBN www-sonatype-com-3567 1 260 .................. .................. NFP www-sonatype-com-3567 1 261 28 28 CD www-sonatype-com-3567 1 262 C c NN www-sonatype-com-3567 1 263 H h NN www-sonatype-com-3567 1 264 A a NN www-sonatype-com-3567 1 265 P p NN www-sonatype-com-3567 1 266 T t NN www-sonatype-com-3567 1 267 E e NN www-sonatype-com-3567 1 268 R r NN www-sonatype-com-3567 1 269 5 5 CD www-sonatype-com-3567 1 270 The the DT www-sonatype-com-3567 1 271 Trust Trust NNP www-sonatype-com-3567 1 272 and and CC www-sonatype-com-3567 1 273 Integrity Integrity NNP www-sonatype-com-3567 1 274 of of IN www-sonatype-com-3567 1 275 Software Software NNP www-sonatype-com-3567 1 276 Supply Supply NNP www-sonatype-com-3567 1 277 Chains Chains NNPS www-sonatype-com-3567 1 278 ................................. ................................. NFP www-sonatype-com-3567 1 279 31 31 CD www-sonatype-com-3567 1 280 1 1 CD www-sonatype-com-3567 1 281 in in IN www-sonatype-com-3567 1 282 10 10 CD www-sonatype-com-3567 1 283 OSS oss NN www-sonatype-com-3567 1 284 Downloads download NNS www-sonatype-com-3567 1 285 Are be VBP www-sonatype-com-3567 1 286 Vulnerable vulnerable JJ www-sonatype-com-3567 1 287 .............. .............. 
NFP www-sonatype-com-3567 1 288 32 32 CD www-sonatype-com-3567 1 289 Enterprises enterprise NNS www-sonatype-com-3567 1 290 Rely rely VBP www-sonatype-com-3567 1 291 on on IN www-sonatype-com-3567 1 292 Code Code NNP www-sonatype-com-3567 1 293 From from IN www-sonatype-com-3567 1 294 3,500 3,500 CD www-sonatype-com-3567 1 295 Suppliers Suppliers NNPS www-sonatype-com-3567 1 296 , , , www-sonatype-com-3567 1 297 But but CC www-sonatype-com-3567 1 298 Quality Quality NNP www-sonatype-com-3567 1 299 Varies Varies NNPS www-sonatype-com-3567 1 300 ...................... ...................... NFP www-sonatype-com-3567 1 301 33 33 CD www-sonatype-com-3567 1 302 OSS oss NN www-sonatype-com-3567 1 303 Components component NNS www-sonatype-com-3567 1 304 Make make VBP www-sonatype-com-3567 1 305 Up up RP www-sonatype-com-3567 1 306 90 90 CD www-sonatype-com-3567 1 307 % % NN www-sonatype-com-3567 1 308 of of IN www-sonatype-com-3567 1 309 a a DT www-sonatype-com-3567 1 310 Modern Modern NNP www-sonatype-com-3567 1 311 Application Application NNP www-sonatype-com-3567 1 312 ................................. ................................. NFP www-sonatype-com-3567 1 313 33 33 CD www-sonatype-com-3567 1 314 21 21 CD www-sonatype-com-3567 1 315 % % NN www-sonatype-com-3567 1 316 of of IN www-sonatype-com-3567 1 317 Enterprises Enterprises NNP www-sonatype-com-3567 1 318 Experienced experience VBD www-sonatype-com-3567 1 319 Open Open NNP www-sonatype-com-3567 1 320 Source source NN www-sonatype-com-3567 1 321 Breaches breach NNS www-sonatype-com-3567 1 322 ............................................ ............................................ 
NFP www-sonatype-com-3567 1 323 34 34 CD www-sonatype-com-3567 1 324 C c NN www-sonatype-com-3567 1 325 H h NN www-sonatype-com-3567 1 326 A a NN www-sonatype-com-3567 1 327 P p NN www-sonatype-com-3567 1 328 T t NN www-sonatype-com-3567 1 329 E e NN www-sonatype-com-3567 1 330 R r NN www-sonatype-com-3567 1 331 6 6 CD www-sonatype-com-3567 1 332 The the DT www-sonatype-com-3567 1 333 Changing change VBG www-sonatype-com-3567 1 334 OSS oss NN www-sonatype-com-3567 1 335 Landscape Landscape NNP www-sonatype-com-3567 1 336 : : : www-sonatype-com-3567 1 337 Social Social NNP www-sonatype-com-3567 1 338 Activism Activism NNP www-sonatype-com-3567 1 339 and and CC www-sonatype-com-3567 1 340 Government Government NNP www-sonatype-com-3567 1 341 Standards Standards NNPS www-sonatype-com-3567 1 342 .................................. .................................. NFP www-sonatype-com-3567 1 343 35 35 CD www-sonatype-com-3567 1 344 Social Social NNP www-sonatype-com-3567 1 345 Activism Activism NNP www-sonatype-com-3567 1 346 and and CC www-sonatype-com-3567 1 347 Open Open NNP www-sonatype-com-3567 1 348 Source source NN www-sonatype-com-3567 1 349 Software software NN www-sonatype-com-3567 1 350 ...... ...... NFP www-sonatype-com-3567 1 351 36 36 CD www-sonatype-com-3567 1 352 Governments government NNS www-sonatype-com-3567 1 353 Apply apply VBP www-sonatype-com-3567 1 354 New New NNP www-sonatype-com-3567 1 355 Standards Standards NNPS www-sonatype-com-3567 1 356 to to TO www-sonatype-com-3567 1 357 Secure Secure NNP www-sonatype-com-3567 1 358 Software Software NNP www-sonatype-com-3567 1 359 Supply Supply NNP www-sonatype-com-3567 1 360 Chains Chains NNPS www-sonatype-com-3567 1 361 ....................... ....................... NFP www-sonatype-com-3567 1 362 36 36 CD www-sonatype-com-3567 1 363 United United NNP www-sonatype-com-3567 1 364 States States NNP www-sonatype-com-3567 1 365 ................................................................. 
................................................................. . www-sonatype-com-3567 1 366 36 36 CD www-sonatype-com-3567 1 367 United United NNP www-sonatype-com-3567 1 368 Kingdom Kingdom NNP www-sonatype-com-3567 1 369 ........................................................... ........................................................... NFP www-sonatype-com-3567 1 370 38 38 CD www-sonatype-com-3567 1 371 Australia Australia NNP www-sonatype-com-3567 1 372 .......................................................................... .......................................................................... NFP www-sonatype-com-3567 1 373 39 39 CD www-sonatype-com-3567 1 374 Summary Summary NNP www-sonatype-com-3567 1 375 .............................................................. .............................................................. NFP www-sonatype-com-3567 1 376 40 40 CD www-sonatype-com-3567 1 377 Sources source NNS www-sonatype-com-3567 1 378 ................................................................... ................................................................... NFP www-sonatype-com-3567 1 379 41 41 CD www-sonatype-com-3567 1 380 Appendix Appendix NNP www-sonatype-com-3567 1 381 A A NNP www-sonatype-com-3567 1 382 .......................................................... .......................................................... NN www-sonatype-com-3567 1 383 42 42 CD www-sonatype-com-3567 1 384 Appendix Appendix NNP www-sonatype-com-3567 1 385 B B NNP www-sonatype-com-3567 1 386 .......................................................... .......................................................... . 
www-sonatype-com-3567 1 387 43 43 CD www-sonatype-com-3567 1 388 22020 22020 CD www-sonatype-com-3567 1 389 STATE STATE NNP www-sonatype-com-3567 1 390 OF of IN www-sonatype-com-3567 1 391 THE the DT www-sonatype-com-3567 1 392 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 1 393 SUPPLY supply NN www-sonatype-com-3567 1 394 CHAIN chain NN www-sonatype-com-3567 1 395 REPORT report NN www-sonatype-com-3567 1 396 Exemplary exemplary JJ www-sonatype-com-3567 1 397 projects project NNS www-sonatype-com-3567 1 398 are be VBP www-sonatype-com-3567 1 399 530x 530x NNS www-sonatype-com-3567 1 400 faster fast RBR www-sonatype-com-3567 1 401 at at IN www-sonatype-com-3567 1 402 updating update VBG www-sonatype-com-3567 1 403 dependencies dependency NNS www-sonatype-com-3567 1 404 Exemplary exemplary JJ www-sonatype-com-3567 1 405 projects project NNS www-sonatype-com-3567 1 406 have have VBP www-sonatype-com-3567 1 407 1.5x 1.5x CD www-sonatype-com-3567 1 408 more more JJR www-sonatype-com-3567 1 409 frequent frequent JJ www-sonatype-com-3567 1 410 releases release NNS www-sonatype-com-3567 1 411 NIST NIST NNP www-sonatype-com-3567 1 412 introduces introduce VBZ www-sonatype-com-3567 1 413 new new JJ www-sonatype-com-3567 1 414 standards standard NNS www-sonatype-com-3567 1 415 that that WDT www-sonatype-com-3567 1 416 call call VBP www-sonatype-com-3567 1 417 for for IN www-sonatype-com-3567 1 418 SBOMs SBOMs NNPS www-sonatype-com-3567 1 419 and and CC www-sonatype-com-3567 1 420 OSS oss NN www-sonatype-com-3567 1 421 security security NN www-sonatype-com-3567 1 422 checks check NNS www-sonatype-com-3567 1 423 Nearly nearly RB www-sonatype-com-3567 1 424 40 40 CD www-sonatype-com-3567 1 425 % % NN www-sonatype-com-3567 1 426 of of IN www-sonatype-com-3567 1 427 all all DT www-sonatype-com-3567 1 428 npm npm NN www-sonatype-com-3567 1 429 packages package NNS www-sonatype-com-3567 1 430 rely rely VBP www-sonatype-com-3567 1 431 on on IN www-sonatype-com-3567 1 432 code code NN 
www-sonatype-com-3567 1 433 with with IN www-sonatype-com-3567 1 434 known know VBN www-sonatype-com-3567 1 435 vulnerabilities vulnerability NNS www-sonatype-com-3567 1 436 On on IN www-sonatype-com-3567 1 437 average average JJ www-sonatype-com-3567 1 438 , , , www-sonatype-com-3567 1 439 there there EX www-sonatype-com-3567 1 440 are be VBP www-sonatype-com-3567 1 441 38 38 CD www-sonatype-com-3567 1 442 known known JJ www-sonatype-com-3567 1 443 OSS oss NN www-sonatype-com-3567 1 444 vulnerabilities vulnerability NNS www-sonatype-com-3567 1 445 per per IN www-sonatype-com-3567 1 446 application application NN www-sonatype-com-3567 1 447 430 430 CD www-sonatype-com-3567 1 448 % % NN www-sonatype-com-3567 1 449 YOY YOY NNP www-sonatype-com-3567 1 450 growth growth NN www-sonatype-com-3567 1 451 in in IN www-sonatype-com-3567 1 452 cyber cyber JJ www-sonatype-com-3567 1 453 attacks attack NNS www-sonatype-com-3567 1 454 targeting target VBG www-sonatype-com-3567 1 455 open open JJ www-sonatype-com-3567 1 456 source source NN www-sonatype-com-3567 1 457 software software NN www-sonatype-com-3567 1 458 projects project VBZ www-sonatype-com-3567 1 459 11 11 CD www-sonatype-com-3567 1 460 % % NN www-sonatype-com-3567 1 461 of of IN www-sonatype-com-3567 1 462 components component NNS www-sonatype-com-3567 1 463 used use VBN www-sonatype-com-3567 1 464 in in IN www-sonatype-com-3567 1 465 applications application NNS www-sonatype-com-3567 1 466 are be VBP www-sonatype-com-3567 1 467 known know VBN www-sonatype-com-3567 1 468 vulnerable vulnerable JJ www-sonatype-com-3567 1 469 High High NNP www-sonatype-com-3567 1 470 Performers Performers NNPS www-sonatype-com-3567 1 471 detect detect VBP www-sonatype-com-3567 1 472 and and CC www-sonatype-com-3567 1 473 remediate remediate VB www-sonatype-com-3567 1 474 OSS oss NN www-sonatype-com-3567 1 475 vulnerabilities vulnerability NNS www-sonatype-com-3567 1 476 26x 26x NNS www-sonatype-com-3567 1 477 faster fast JJR 
www-sonatype-com-3567 1 478 High High NNP www-sonatype-com-3567 1 479 Performers performer NNS www-sonatype-com-3567 1 480 are be VBP www-sonatype-com-3567 1 481 28 28 CD www-sonatype-com-3567 1 482 % % NN www-sonatype-com-3567 1 483 more more RBR www-sonatype-com-3567 1 484 likely likely JJ www-sonatype-com-3567 1 485 to to TO www-sonatype-com-3567 1 486 enforce enforce VB www-sonatype-com-3567 1 487 OSS oss NN www-sonatype-com-3567 1 488 governance governance NN www-sonatype-com-3567 1 489 in in IN www-sonatype-com-3567 1 490 Continuous Continuous NNP www-sonatype-com-3567 1 491 Integration Integration NNP www-sonatype-com-3567 1 492 ( ( -LRB- www-sonatype-com-3567 1 493 CI CI NNP www-sonatype-com-3567 1 494 ) ) -RRB- www-sonatype-com-3567 1 495 High High NNP www-sonatype-com-3567 1 496 Performers performer NNS www-sonatype-com-3567 1 497 are be VBP www-sonatype-com-3567 1 498 59 59 CD www-sonatype-com-3567 1 499 % % NN www-sonatype-com-3567 1 500 more more RBR www-sonatype-com-3567 1 501 likely likely JJ www-sonatype-com-3567 1 502 to to TO www-sonatype-com-3567 1 503 be be VB www-sonatype-com-3567 1 504 using use VBG www-sonatype-com-3567 1 505 software software NN www-sonatype-com-3567 1 506 composition composition NN www-sonatype-com-3567 1 507 analysis analysis NN www-sonatype-com-3567 1 508 ( ( -LRB- www-sonatype-com-3567 1 509 SCA SCA NNP www-sonatype-com-3567 1 510 ) ) -RRB- www-sonatype-com-3567 1 511 tools tool VBZ www-sonatype-com-3567 1 512 High high JJ www-sonatype-com-3567 1 513 Performers performer NNS www-sonatype-com-3567 1 514 are be VBP www-sonatype-com-3567 1 515 51 51 CD www-sonatype-com-3567 1 516 % % NN www-sonatype-com-3567 1 517 more more RBR www-sonatype-com-3567 1 518 likely likely JJ www-sonatype-com-3567 1 519 to to TO www-sonatype-com-3567 1 520 create create VB www-sonatype-com-3567 1 521 a a DT www-sonatype-com-3567 1 522 software software NN www-sonatype-com-3567 1 523 bill bill NN www-sonatype-com-3567 1 524 of of IN 
www-sonatype-com-3567 1 525 materials material NNS www-sonatype-com-3567 1 526 ( ( -LRB- www-sonatype-com-3567 1 527 SBOM SBOM NNP www-sonatype-com-3567 1 528 ) ) -RRB- www-sonatype-com-3567 1 529 1 1 CD www-sonatype-com-3567 1 530 in in IN www-sonatype-com-3567 1 531 10 10 CD www-sonatype-com-3567 1 532 component component NN www-sonatype-com-3567 1 533 downloads download NNS www-sonatype-com-3567 1 534 have have VBP www-sonatype-com-3567 1 535 known know VBN www-sonatype-com-3567 1 536 vulnerabilities vulnerability NNS www-sonatype-com-3567 1 537 1.5 1.5 CD www-sonatype-com-3567 1 538 trillion trillion CD www-sonatype-com-3567 1 539 OSS OSS NNP www-sonatype-com-3567 1 540 download download NN www-sonatype-com-3567 1 541 requests request NNS www-sonatype-com-3567 1 542 expected expect VBN www-sonatype-com-3567 1 543 in in IN www-sonatype-com-3567 1 544 2020 2020 CD www-sonatype-com-3567 1 545 373,000 373,000 CD www-sonatype-com-3567 1 546 average average JJ www-sonatype-com-3567 1 547 enterprise enterprise NN www-sonatype-com-3567 1 548 downloads download NNS www-sonatype-com-3567 1 549 of of IN www-sonatype-com-3567 1 550 OSS oss NN www-sonatype-com-3567 1 551 components component NNS www-sonatype-com-3567 1 552 per per IN www-sonatype-com-3567 1 553 year year NN www-sonatype-com-3567 1 554 pg pg NN www-sonatype-com-3567 1 555 . . . www-sonatype-com-3567 2 1 6 6 CD www-sonatype-com-3567 2 2 pg pg NN www-sonatype-com-3567 2 3 . . . www-sonatype-com-3567 3 1 23 23 CD www-sonatype-com-3567 3 2 pg pg NN www-sonatype-com-3567 3 3 . . . www-sonatype-com-3567 4 1 23 23 CD www-sonatype-com-3567 4 2 pg pg NN www-sonatype-com-3567 4 3 . . . www-sonatype-com-3567 5 1 38 38 CD www-sonatype-com-3567 5 2 pg pg NN www-sonatype-com-3567 5 3 . . . www-sonatype-com-3567 6 1 34 34 CD www-sonatype-com-3567 6 2 pg pg NN www-sonatype-com-3567 6 3 . . . www-sonatype-com-3567 7 1 34 34 CD www-sonatype-com-3567 7 2 pg pg NN www-sonatype-com-3567 7 3 . . . 
www-sonatype-com-3567 8 1 6 6 CD www-sonatype-com-3567 8 2 pg pg NN www-sonatype-com-3567 8 3 . . . www-sonatype-com-3567 9 1 16 16 CD www-sonatype-com-3567 9 2 pg pg NN www-sonatype-com-3567 9 3 . . . www-sonatype-com-3567 10 1 16 16 CD www-sonatype-com-3567 10 2 pg pg NN www-sonatype-com-3567 10 3 . . . www-sonatype-com-3567 11 1 32 32 CD www-sonatype-com-3567 11 2 pg pg NN www-sonatype-com-3567 11 3 . . . www-sonatype-com-3567 12 1 23 23 CD www-sonatype-com-3567 12 2 pg pg NN www-sonatype-com-3567 12 3 . . . www-sonatype-com-3567 13 1 23 23 CD www-sonatype-com-3567 13 2 pg pg NN www-sonatype-com-3567 13 3 . . . www-sonatype-com-3567 14 1 33 33 CD www-sonatype-com-3567 14 2 pg pg NN www-sonatype-com-3567 14 3 . . . www-sonatype-com-3567 15 1 32 32 CD www-sonatype-com-3567 15 2 pg pg NN www-sonatype-com-3567 15 3 . . . www-sonatype-com-3567 16 1 10 10 CD www-sonatype-com-3567 16 2 47 47 CD www-sonatype-com-3567 16 3 % % NN www-sonatype-com-3567 16 4 of of IN www-sonatype-com-3567 16 5 survey survey NN www-sonatype-com-3567 16 6 participants participant NNS www-sonatype-com-3567 16 7 became become VBD www-sonatype-com-3567 16 8 aware aware JJ www-sonatype-com-3567 16 9 of of IN www-sonatype-com-3567 16 10 new new JJ www-sonatype-com-3567 16 11 vulnerabilities vulnerability NNS www-sonatype-com-3567 16 12 after after IN www-sonatype-com-3567 16 13 a a DT www-sonatype-com-3567 16 14 week week NN www-sonatype-com-3567 16 15 ’s ’s NN www-sonatype-com-3567 16 16 time time NN www-sonatype-com-3567 16 17 Introduction Introduction NNP www-sonatype-com-3567 16 18 Digital Digital NNP www-sonatype-com-3567 16 19 innovation innovation NN www-sonatype-com-3567 16 20 is be VBZ www-sonatype-com-3567 16 21 the the DT www-sonatype-com-3567 16 22 ultimate ultimate JJ www-sonatype-com-3567 16 23 source source NN www-sonatype-com-3567 16 24 of of IN www-sonatype-com-3567 16 25 competi- competi- NNP www-sonatype-com-3567 16 26 tiveness tiveness NN www-sonatype-com-3567 16 27 and and CC 
www-sonatype-com-3567 16 28 value value NN www-sonatype-com-3567 16 29 creation creation NN www-sonatype-com-3567 16 30 for for IN www-sonatype-com-3567 16 31 almost almost RB www-sonatype-com-3567 16 32 every every DT www-sonatype-com-3567 16 33 type type NN www-sonatype-com-3567 16 34 of of IN www-sonatype-com-3567 16 35 business business NN www-sonatype-com-3567 16 36 . . . www-sonatype-com-3567 17 1 As as IN www-sonatype-com-3567 17 2 a a DT www-sonatype-com-3567 17 3 result result NN www-sonatype-com-3567 17 4 , , , www-sonatype-com-3567 17 5 three three CD www-sonatype-com-3567 17 6 things thing NNS www-sonatype-com-3567 17 7 are be VBP www-sonatype-com-3567 17 8 increasingly increasingly RB www-sonatype-com-3567 17 9 common common JJ www-sonatype-com-3567 17 10 among among IN www-sonatype-com-3567 17 11 corporate corporate JJ www-sonatype-com-3567 17 12 software software NN www-sonatype-com-3567 17 13 engineering engineering NN www-sonatype-com-3567 17 14 teams team NNS www-sonatype-com-3567 17 15 and and CC www-sonatype-com-3567 17 16 the the DT www-sonatype-com-3567 17 17 20 20 CD www-sonatype-com-3567 17 18 million million CD www-sonatype-com-3567 17 19 software software NN www-sonatype-com-3567 17 20 developers developer NNS www-sonatype-com-3567 17 21 that that WDT www-sonatype-com-3567 17 22 work work VBP www-sonatype-com-3567 17 23 for for IN www-sonatype-com-3567 17 24 them -PRON- PRP www-sonatype-com-3567 17 25 : : : www-sonatype-com-3567 17 26 ⊲ ⊲ NNS www-sonatype-com-3567 17 27 They -PRON- PRP www-sonatype-com-3567 17 28 seek seek VBP www-sonatype-com-3567 17 29 faster fast JJR www-sonatype-com-3567 17 30 innovation innovation NN www-sonatype-com-3567 17 31 ⊲ ⊲ CD www-sonatype-com-3567 17 32 They -PRON- PRP www-sonatype-com-3567 17 33 seek seek VBP www-sonatype-com-3567 17 34 improved improve VBN www-sonatype-com-3567 17 35 security security NN www-sonatype-com-3567 17 36 ⊲ ⊲ NNS www-sonatype-com-3567 17 37 They -PRON- PRP www-sonatype-com-3567 17 
38 utilize utilize VBP www-sonatype-com-3567 17 39 a a DT www-sonatype-com-3567 17 40 massive massive JJ www-sonatype-com-3567 17 41 volume volume NN www-sonatype-com-3567 17 42 of of IN www-sonatype-com-3567 17 43 open open JJ www-sonatype-com-3567 17 44 source source NN www-sonatype-com-3567 17 45 libraries librarie VBZ www-sonatype-com-3567 17 46 The the DT www-sonatype-com-3567 17 47 universal universal JJ www-sonatype-com-3567 17 48 desire desire NN www-sonatype-com-3567 17 49 for for IN www-sonatype-com-3567 17 50 faster fast JJR www-sonatype-com-3567 17 51 innovation innovation NN www-sonatype-com-3567 17 52 demands demand VBZ www-sonatype-com-3567 17 53 efficient efficient JJ www-sonatype-com-3567 17 54 reuse reuse NN www-sonatype-com-3567 17 55 of of IN www-sonatype-com-3567 17 56 code code NN www-sonatype-com-3567 17 57 , , , www-sonatype-com-3567 17 58 which which WDT www-sonatype-com-3567 17 59 in in IN www-sonatype-com-3567 17 60 turn turn NN www-sonatype-com-3567 17 61 has have VBZ www-sonatype-com-3567 17 62 led lead VBN www-sonatype-com-3567 17 63 to to IN www-sonatype-com-3567 17 64 a a DT www-sonatype-com-3567 17 65 growing grow VBG www-sonatype-com-3567 17 66 dependence dependence NN www-sonatype-com-3567 17 67 on on IN www-sonatype-com-3567 17 68 open open JJ www-sonatype-com-3567 17 69 source source NN www-sonatype-com-3567 17 70 and and CC www-sonatype-com-3567 17 71 third- third- NN www-sonatype-com-3567 17 72 party party NN www-sonatype-com-3567 17 73 software software NN www-sonatype-com-3567 17 74 libraries library NNS www-sonatype-com-3567 17 75 . . . 
www-sonatype-com-3567 18 1 These these DT www-sonatype-com-3567 18 2 artifacts artifact NNS www-sonatype-com-3567 18 3 serve serve VBP www-sonatype-com-3567 18 4 as as IN www-sonatype-com-3567 18 5 reusable reusable JJ www-sonatype-com-3567 18 6 building building NN www-sonatype-com-3567 18 7 blocks block NNS www-sonatype-com-3567 18 8 , , , www-sonatype-com-3567 18 9 which which WDT www-sonatype-com-3567 18 10 are be VBP www-sonatype-com-3567 18 11 fed feed VBN www-sonatype-com-3567 18 12 into into IN www-sonatype-com-3567 18 13 public public JJ www-sonatype-com-3567 18 14 repositories repository NNS www-sonatype-com-3567 18 15 ( ( -LRB- www-sonatype-com-3567 18 16 npm npm NNP www-sonatype-com-3567 18 17 , , , www-sonatype-com-3567 18 18 Maven Maven NNP www-sonatype-com-3567 18 19 Central Central NNP www-sonatype-com-3567 18 20 , , , www-sonatype-com-3567 18 21 PyPI pypi NN www-sonatype-com-3567 18 22 , , , www-sonatype-com-3567 18 23 NuGet NuGet NNP www-sonatype-com-3567 18 24 Gallery Gallery NNP www-sonatype-com-3567 18 25 , , , www-sonatype-com-3567 18 26 RubyGems RubyGems NNP www-sonatype-com-3567 18 27 , , , www-sonatype-com-3567 18 28 etc etc FW www-sonatype-com-3567 18 29 . . . www-sonatype-com-3567 18 30 ) ) -RRB- www-sonatype-com-3567 19 1 where where WRB www-sonatype-com-3567 19 2 they -PRON- PRP www-sonatype-com-3567 19 3 are be VBP www-sonatype-com-3567 19 4 freely freely RB www-sonatype-com-3567 19 5 borrowed borrow VBN www-sonatype-com-3567 19 6 by by IN www-sonatype-com-3567 19 7 millions million NNS www-sonatype-com-3567 19 8 of of IN www-sonatype-com-3567 19 9 developers developer NNS www-sonatype-com-3567 19 10 in in IN www-sonatype-com-3567 19 11 the the DT www-sonatype-com-3567 19 12 pursuit pursuit NN www-sonatype-com-3567 19 13 of of IN www-sonatype-com-3567 19 14 faster fast JJR www-sonatype-com-3567 19 15 innovation innovation NN www-sonatype-com-3567 19 16 . . . 
www-sonatype-com-3567 20 1 This this DT www-sonatype-com-3567 20 2 is be VBZ www-sonatype-com-3567 20 3 the the DT www-sonatype-com-3567 20 4 definition definition NN www-sonatype-com-3567 20 5 of of IN www-sonatype-com-3567 20 6 the the DT www-sonatype-com-3567 20 7 modern modern JJ www-sonatype-com-3567 20 8 software software NN www-sonatype-com-3567 20 9 supply supply NN www-sonatype-com-3567 20 10 chain chain NN www-sonatype-com-3567 20 11 . . . www-sonatype-com-3567 21 1 Now now RB www-sonatype-com-3567 21 2 in in IN www-sonatype-com-3567 21 3 its -PRON- PRP$ www-sonatype-com-3567 21 4 sixth sixth JJ www-sonatype-com-3567 21 5 year year NN www-sonatype-com-3567 21 6 , , , www-sonatype-com-3567 21 7 Sonatype Sonatype NNP www-sonatype-com-3567 21 8 ’s ’s POS www-sonatype-com-3567 21 9 State State NNP www-sonatype-com-3567 21 10 of of IN www-sonatype-com-3567 21 11 the the DT www-sonatype-com-3567 21 12 Software Software NNP www-sonatype-com-3567 21 13 Supply Supply NNP www-sonatype-com-3567 21 14 Chain Chain NNP www-sonatype-com-3567 21 15 Report Report NNP www-sonatype-com-3567 21 16 continues continue VBZ www-sonatype-com-3567 21 17 to to TO www-sonatype-com-3567 21 18 exam- exam- . www-sonatype-com-3567 21 19 ine ine NNP www-sonatype-com-3567 21 20 compelling compelling JJ www-sonatype-com-3567 21 21 and and CC www-sonatype-com-3567 21 22 measurable measurable JJ www-sonatype-com-3567 21 23 practices practice NNS www-sonatype-com-3567 21 24 of of IN www-sonatype-com-3567 21 25 secure secure JJ www-sonatype-com-3567 21 26 open open JJ www-sonatype-com-3567 21 27 source source NN www-sonatype-com-3567 21 28 software software NN www-sonatype-com-3567 21 29 development development NN www-sonatype-com-3567 21 30 and and CC www-sonatype-com-3567 21 31 delivery delivery NN www-sonatype-com-3567 21 32 . . . 
www-sonatype-com-3567 22 1 For for IN www-sonatype-com-3567 22 2 the the DT www-sonatype-com-3567 22 3 second second JJ www-sonatype-com-3567 22 4 year year NN www-sonatype-com-3567 22 5 in in IN www-sonatype-com-3567 22 6 a a DT www-sonatype-com-3567 22 7 row row NN www-sonatype-com-3567 22 8 , , , www-sonatype-com-3567 22 9 we -PRON- PRP www-sonatype-com-3567 22 10 ’ve have VB www-sonatype-com-3567 22 11 collaborated collaborate VBN www-sonatype-com-3567 22 12 with with IN www-sonatype-com-3567 22 13 research research NN www-sonatype-com-3567 22 14 partners partner NNS www-sonatype-com-3567 22 15 Gene Gene NNP www-sonatype-com-3567 22 16 Kim Kim NNP www-sonatype-com-3567 22 17 from from IN www-sonatype-com-3567 22 18 IT IT NNP www-sonatype-com-3567 22 19 Revolution Revolution NNP www-sonatype-com-3567 22 20 and and CC www-sonatype-com-3567 22 21 Dr. Dr. NNP www-sonatype-com-3567 22 22 Stephen Stephen NNP www-sonatype-com-3567 22 23 Magill Magill NNP www-sonatype-com-3567 22 24 , , , www-sonatype-com-3567 22 25 CEO ceo NN www-sonatype-com-3567 22 26 at at IN www-sonatype-com-3567 22 27 MuseDev MuseDev NNP www-sonatype-com-3567 22 28 , , , www-sonatype-com-3567 22 29 to to TO www-sonatype-com-3567 22 30 examine examine VB www-sonatype-com-3567 22 31 how how WRB www-sonatype-com-3567 22 32 high high JJ www-sonatype-com-3567 22 33 performing perform VBG www-sonatype-com-3567 22 34 enterprise enterprise NN www-sonatype-com-3567 22 35 software software NN www-sonatype-com-3567 22 36 development development NN www-sonatype-com-3567 22 37 teams team NNS www-sonatype-com-3567 22 38 successfully successfully RB www-sonatype-com-3567 22 39 balance balance VBP www-sonatype-com-3567 22 40 their -PRON- PRP$ www-sonatype-com-3567 22 41 performance performance NN www-sonatype-com-3567 22 42 and and CC www-sonatype-com-3567 22 43 risk risk NN www-sonatype-com-3567 22 44 management management NN www-sonatype-com-3567 22 45 practices practice NNS www-sonatype-com-3567 22 46 while 
while IN www-sonatype-com-3567 22 47 assembling assemble VBG www-sonatype-com-3567 22 48 applications application NNS www-sonatype-com-3567 22 49 with with IN www-sonatype-com-3567 22 50 open open JJ www-sonatype-com-3567 22 51 source source NN www-sonatype-com-3567 22 52 components component NNS www-sonatype-com-3567 22 53 . . . www-sonatype-com-3567 23 1 The the DT www-sonatype-com-3567 23 2 2020 2020 CD www-sonatype-com-3567 23 3 State State NNP www-sonatype-com-3567 23 4 of of IN www-sonatype-com-3567 23 5 the the DT www-sonatype-com-3567 23 6 Software Software NNP www-sonatype-com-3567 23 7 Supply Supply NNP www-sonatype-com-3567 23 8 Chain Chain NNP www-sonatype-com-3567 23 9 Report Report NNP www-sonatype-com-3567 23 10 blends blend VBZ www-sonatype-com-3567 23 11 a a DT www-sonatype-com-3567 23 12 broad broad JJ www-sonatype-com-3567 23 13 set set NN www-sonatype-com-3567 23 14 of of IN www-sonatype-com-3567 23 15 public public JJ www-sonatype-com-3567 23 16 and and CC www-sonatype-com-3567 23 17 proprietary proprietary JJ www-sonatype-com-3567 23 18 data datum NNS www-sonatype-com-3567 23 19 , , , www-sonatype-com-3567 23 20 along along IN www-sonatype-com-3567 23 21 with with IN www-sonatype-com-3567 23 22 survey survey NN www-sonatype-com-3567 23 23 results result NNS www-sonatype-com-3567 23 24 from from IN www-sonatype-com-3567 23 25 over over IN www-sonatype-com-3567 23 26 5,600 5,600 CD www-sonatype-com-3567 23 27 professional professional JJ www-sonatype-com-3567 23 28 developers developer NNS www-sonatype-com-3567 23 29 to to TO www-sonatype-com-3567 23 30 reveal reveal VB www-sonatype-com-3567 23 31 important important JJ www-sonatype-com-3567 23 32 findings finding NNS www-sonatype-com-3567 23 33 , , , www-sonatype-com-3567 23 34 including include VBG www-sonatype-com-3567 23 35 : : : www-sonatype-com-3567 23 36 ⊲ ⊲ CD www-sonatype-com-3567 23 37 430 430 CD www-sonatype-com-3567 23 38 % % NN www-sonatype-com-3567 23 39 growth growth NN 
www-sonatype-com-3567 23 40 in in IN www-sonatype-com-3567 23 41 next next JJ www-sonatype-com-3567 23 42 generation generation NN www-sonatype-com-3567 23 43 cyber cyber JJ www-sonatype-com-3567 23 44 attacks attack NNS www-sonatype-com-3567 23 45 actively actively RB www-sonatype-com-3567 23 46 targeting target VBG www-sonatype-com-3567 23 47 open open JJ www-sonatype-com-3567 23 48 source source NN www-sonatype-com-3567 23 49 software software NN www-sonatype-com-3567 23 50 projects project NNS www-sonatype-com-3567 23 51 ( ( -LRB- www-sonatype-com-3567 23 52 Chapter chapter NN www-sonatype-com-3567 23 53 1 1 CD www-sonatype-com-3567 23 54 ) ) -RRB- www-sonatype-com-3567 23 55 ⊲ ⊲ CD www-sonatype-com-3567 23 56 1.5 1.5 CD www-sonatype-com-3567 23 57 trillion trillion CD www-sonatype-com-3567 23 58 open open JJ www-sonatype-com-3567 23 59 source source NN www-sonatype-com-3567 23 60 component component NN www-sonatype-com-3567 23 61 and and CC www-sonatype-com-3567 23 62 container container NN www-sonatype-com-3567 23 63 download download NN www-sonatype-com-3567 23 64 requests request NNS www-sonatype-com-3567 23 65 in in IN www-sonatype-com-3567 23 66 2020 2020 CD www-sonatype-com-3567 23 67 ( ( -LRB- www-sonatype-com-3567 23 68 Chapter chapter NN www-sonatype-com-3567 23 69 2 2 CD www-sonatype-com-3567 23 70 ) ) -RRB- www-sonatype-com-3567 23 71 ⊲ ⊲ CD www-sonatype-com-3567 23 72 530x 530x NNS www-sonatype-com-3567 23 73 faster fast RBR www-sonatype-com-3567 23 74 mean mean VBP www-sonatype-com-3567 23 75 time time NN www-sonatype-com-3567 23 76 to to TO www-sonatype-com-3567 23 77 update update VB www-sonatype-com-3567 23 78 dependencies dependency NNS www-sonatype-com-3567 23 79 and and CC www-sonatype-com-3567 23 80 2.8x 2.8x CD www-sonatype-com-3567 23 81 more more JJR www-sonatype-com-3567 23 82 commits commit NNS www-sonatype-com-3567 23 83 for for IN www-sonatype-com-3567 23 84 exemplary exemplary JJ www-sonatype-com-3567 23 85 open open JJ 
www-sonatype-com-3567 23 86 source source NN www-sonatype-com-3567 23 87 projects project NNS www-sonatype-com-3567 23 88 ( ( -LRB- www-sonatype-com-3567 23 89 Chapter chapter NN www-sonatype-com-3567 23 90 3 3 CD www-sonatype-com-3567 23 91 ) ) -RRB- www-sonatype-com-3567 23 92 ⊲ ⊲ CD www-sonatype-com-3567 23 93 26x 26x NNS www-sonatype-com-3567 23 94 faster fast JJR www-sonatype-com-3567 23 95 detection detection NN www-sonatype-com-3567 23 96 and and CC www-sonatype-com-3567 23 97 remediation remediation NN www-sonatype-com-3567 23 98 of of IN www-sonatype-com-3567 23 99 open open JJ www-sonatype-com-3567 23 100 source source NN www-sonatype-com-3567 23 101 vulnerabilities vulnerability NNS www-sonatype-com-3567 23 102 for for IN www-sonatype-com-3567 23 103 high high JJ www-sonatype-com-3567 23 104 performance performance NN www-sonatype-com-3567 23 105 enterprise enterprise NN www-sonatype-com-3567 23 106 development development NN www-sonatype-com-3567 23 107 teams team NNS www-sonatype-com-3567 23 108 ( ( -LRB- www-sonatype-com-3567 23 109 Chapter chapter NN www-sonatype-com-3567 23 110 4 4 CD www-sonatype-com-3567 23 111 ) ) -RRB- www-sonatype-com-3567 23 112 ⊲ ⊲ CD www-sonatype-com-3567 23 113 11 11 CD www-sonatype-com-3567 23 114 % % NN www-sonatype-com-3567 23 115 of of IN www-sonatype-com-3567 23 116 OSS OSS NNP www-sonatype-com-3567 23 117 components component NNS www-sonatype-com-3567 23 118 used use VBN www-sonatype-com-3567 23 119 in in IN www-sonatype-com-3567 23 120 applications application NNS www-sonatype-com-3567 23 121 have have VBP www-sonatype-com-3567 23 122 known know VBN www-sonatype-com-3567 23 123 vulnerabilities vulnerability NNS www-sonatype-com-3567 23 124 ( ( -LRB- www-sonatype-com-3567 23 125 Chapter chapter NN www-sonatype-com-3567 23 126 5 5 CD www-sonatype-com-3567 23 127 ) ) -RRB- www-sonatype-com-3567 23 128 Once once RB www-sonatype-com-3567 23 129 again again RB www-sonatype-com-3567 23 130 , , , www-sonatype-com-3567 23 131 
the the DT www-sonatype-com-3567 23 132 report report NN www-sonatype-com-3567 23 133 summarizes summarize VBZ www-sonatype-com-3567 23 134 the the DT www-sonatype-com-3567 23 135 latest late JJS www-sonatype-com-3567 23 136 government government NN www-sonatype-com-3567 23 137 and and CC www-sonatype-com-3567 23 138 industry industry NN www-sonatype-com-3567 23 139 initiatives initiative NNS www-sonatype-com-3567 23 140 designed design VBN www-sonatype-com-3567 23 141 to to TO www-sonatype-com-3567 23 142 protect protect VB www-sonatype-com-3567 23 143 software software NN www-sonatype-com-3567 23 144 supply supply NN www-sonatype-com-3567 23 145 chains chain NNS www-sonatype-com-3567 23 146 and and CC www-sonatype-com-3567 23 147 strengthen strengthen VB www-sonatype-com-3567 23 148 the the DT www-sonatype-com-3567 23 149 foundations foundation NNS www-sonatype-com-3567 23 150 of of IN www-sonatype-com-3567 23 151 open open JJ www-sonatype-com-3567 23 152 source source NN www-sonatype-com-3567 23 153 . . . www-sonatype-com-3567 24 1 Together together RB www-sonatype-com-3567 24 2 with with IN www-sonatype-com-3567 24 3 our -PRON- PRP$ www-sonatype-com-3567 24 4 partners partner NNS www-sonatype-com-3567 24 5 , , , www-sonatype-com-3567 24 6 we -PRON- PRP www-sonatype-com-3567 24 7 are be VBP www-sonatype-com-3567 24 8 proud proud JJ www-sonatype-com-3567 24 9 to to TO www-sonatype-com-3567 24 10 share share VB www-sonatype-com-3567 24 11 this this DT www-sonatype-com-3567 24 12 research research NN www-sonatype-com-3567 24 13 . . . www-sonatype-com-3567 25 1 We -PRON- PRP www-sonatype-com-3567 25 2 hope hope VBP www-sonatype-com-3567 25 3 that that IN www-sonatype-com-3567 25 4 you -PRON- PRP www-sonatype-com-3567 25 5 find find VBP www-sonatype-com-3567 25 6 it -PRON- PRP www-sonatype-com-3567 25 7 valuable valuable JJ www-sonatype-com-3567 25 8 . . . 
www-sonatype-com-3567 26 1 42020 42020 CD www-sonatype-com-3567 26 2 STATE STATE NNP www-sonatype-com-3567 26 3 OF of IN www-sonatype-com-3567 26 4 THE the DT www-sonatype-com-3567 26 5 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 26 6 SUPPLY supply NN www-sonatype-com-3567 26 7 CHAIN CHAIN NNP www-sonatype-com-3567 26 8 REPORT REPORT NNP www-sonatype-com-3567 26 9 CHAPTER chapter NN www-sonatype-com-3567 26 10 1 1 CD www-sonatype-com-3567 26 11 Open open JJ www-sonatype-com-3567 26 12 Season season NN www-sonatype-com-3567 26 13 on on IN www-sonatype-com-3567 26 14 Open open JJ www-sonatype-com-3567 26 15 Source source NN www-sonatype-com-3567 26 16 In in IN www-sonatype-com-3567 26 17 2020 2020 CD www-sonatype-com-3567 26 18 , , , www-sonatype-com-3567 26 19 developers developer NNS www-sonatype-com-3567 26 20 around around IN www-sonatype-com-3567 26 21 the the DT www-sonatype-com-3567 26 22 world world NN www-sonatype-com-3567 26 23 will will MD www-sonatype-com-3567 26 24 request request VB www-sonatype-com-3567 26 25 more more JJR www-sonatype-com-3567 26 26 than than IN www-sonatype-com-3567 26 27 1.5 1.5 CD www-sonatype-com-3567 26 28 trillion trillion CD www-sonatype-com-3567 26 29 open open JJ www-sonatype-com-3567 26 30 source source NN www-sonatype-com-3567 26 31 software software NN www-sonatype-com-3567 26 32 compo- compo- NN www-sonatype-com-3567 26 33 nents nent NNS www-sonatype-com-3567 26 34 and and CC www-sonatype-com-3567 26 35 containers container NNS www-sonatype-com-3567 26 36 for for IN www-sonatype-com-3567 26 37 one one CD www-sonatype-com-3567 26 38 reason reason NN www-sonatype-com-3567 26 39 : : : www-sonatype-com-3567 26 40 it -PRON- PRP www-sonatype-com-3567 26 41 accelerates accelerate VBZ www-sonatype-com-3567 26 42 the the DT www-sonatype-com-3567 26 43 pace pace NN www-sonatype-com-3567 26 44 of of IN www-sonatype-com-3567 26 45 innovation innovation NN www-sonatype-com-3567 26 46 . . . 
www-sonatype-com-3567 27 1 In in IN www-sonatype-com-3567 27 2 the the DT www-sonatype-com-3567 27 3 past past JJ www-sonatype-com-3567 27 4 12 12 CD www-sonatype-com-3567 27 5 months month NNS www-sonatype-com-3567 27 6 , , , www-sonatype-com-3567 27 7 the the DT www-sonatype-com-3567 27 8 number number NN www-sonatype-com-3567 27 9 of of IN www-sonatype-com-3567 27 10 next next JJ www-sonatype-com-3567 27 11 gener- gener- JJ www-sonatype-com-3567 27 12 ation ation NN www-sonatype-com-3567 27 13 cyber cyber NN www-sonatype-com-3567 27 14 attacks attack NNS www-sonatype-com-3567 27 15 aimed aim VBN www-sonatype-com-3567 27 16 at at IN www-sonatype-com-3567 27 17 actively actively RB www-sonatype-com-3567 27 18 infiltrating infiltrate VBG www-sonatype-com-3567 27 19 open open JJ www-sonatype-com-3567 27 20 source source NN www-sonatype-com-3567 27 21 increased increase VBD www-sonatype-com-3567 27 22 430 430 CD www-sonatype-com-3567 27 23 % % NN www-sonatype-com-3567 27 24 . . . www-sonatype-com-3567 28 1 The the DT www-sonatype-com-3567 28 2 attacks attack NNS www-sonatype-com-3567 28 3 are be VBP www-sonatype-com-3567 28 4 a a DT www-sonatype-com-3567 28 5 uniquely uniquely RB www-sonatype-com-3567 28 6 efficient efficient JJ www-sonatype-com-3567 28 7 way way NN www-sonatype-com-3567 28 8 for for IN www-sonatype-com-3567 28 9 adversaries adversary NNS www-sonatype-com-3567 28 10 to to TO www-sonatype-com-3567 28 11 gain gain VB www-sonatype-com-3567 28 12 leverage leverage NN www-sonatype-com-3567 28 13 and and CC www-sonatype-com-3567 28 14 scale scale NN www-sonatype-com-3567 28 15 by by IN www-sonatype-com-3567 28 16 exploiting exploit VBG www-sonatype-com-3567 28 17 software software NN www-sonatype-com-3567 28 18 supply supply NN www-sonatype-com-3567 28 19 chains chain NNS www-sonatype-com-3567 28 20 . . . 
www-sonatype-com-3567 29 1 Simply simply RB www-sonatype-com-3567 29 2 stated state VBN www-sonatype-com-3567 29 3 , , , www-sonatype-com-3567 29 4 members member NNS www-sonatype-com-3567 29 5 of of IN www-sonatype-com-3567 29 6 the the DT www-sonatype-com-3567 29 7 world world NN www-sonatype-com-3567 29 8 ’s ’s POS www-sonatype-com-3567 29 9 open open JJ www-sonatype-com-3567 29 10 source source NN www-sonatype-com-3567 29 11 community community NN www-sonatype-com-3567 29 12 are be VBP www-sonatype-com-3567 29 13 facing face VBG www-sonatype-com-3567 29 14 a a DT www-sonatype-com-3567 29 15 novel novel NN www-sonatype-com-3567 29 16 and and CC www-sonatype-com-3567 29 17 rapidly rapidly RB www-sonatype-com-3567 29 18 expand- expand- JJ www-sonatype-com-3567 29 19 ing ing NN www-sonatype-com-3567 29 20 threat threat NN www-sonatype-com-3567 29 21 that that WDT www-sonatype-com-3567 29 22 has have VBZ www-sonatype-com-3567 29 23 nothing nothing NN www-sonatype-com-3567 29 24 to to TO www-sonatype-com-3567 29 25 do do VB www-sonatype-com-3567 29 26 with with IN www-sonatype-com-3567 29 27 passive passive JJ www-sonatype-com-3567 29 28 adversaries adversary NNS www-sonatype-com-3567 29 29 exploiting exploit VBG www-sonatype-com-3567 29 30 known know VBN www-sonatype-com-3567 29 31 vulnerabilities vulnerability NNS www-sonatype-com-3567 29 32 in in IN www-sonatype-com-3567 29 33 the the DT www-sonatype-com-3567 29 34 wild wild NN www-sonatype-com-3567 29 35 — — : www-sonatype-com-3567 29 36 and and CC www-sonatype-com-3567 29 37 everything everything NN www-sonatype-com-3567 29 38 to to TO www-sonatype-com-3567 29 39 do do VB www-sonatype-com-3567 29 40 with with IN www-sonatype-com-3567 29 41 aggressive aggressive JJ www-sonatype-com-3567 29 42 attackers attacker NNS www-sonatype-com-3567 29 43 implanting implant VBG www-sonatype-com-3567 29 44 malware malware NN www-sonatype-com-3567 29 45 directly directly RB www-sonatype-com-3567 29 46 into into IN 
www-sonatype-com-3567 29 47 open open JJ www-sonatype-com-3567 29 48 source source NN www-sonatype-com-3567 29 49 projects project NNS www-sonatype-com-3567 29 50 . . . www-sonatype-com-3567 30 1 To to IN www-sonatype-com-3567 30 2 that that DT www-sonatype-com-3567 30 3 end end NN www-sonatype-com-3567 30 4 , , , www-sonatype-com-3567 30 5 it -PRON- PRP www-sonatype-com-3567 30 6 is be VBZ www-sonatype-com-3567 30 7 important important JJ www-sonatype-com-3567 30 8 to to TO www-sonatype-com-3567 30 9 distinguish distinguish VB www-sonatype-com-3567 30 10 between between IN www-sonatype-com-3567 30 11 legacy legacy NN www-sonatype-com-3567 30 12 supply supply NN www-sonatype-com-3567 30 13 chain chain NN www-sonatype-com-3567 30 14 exploits exploit NNS www-sonatype-com-3567 30 15 , , , www-sonatype-com-3567 30 16 and and CC www-sonatype-com-3567 30 17 next next JJ www-sonatype-com-3567 30 18 - - HYPH www-sonatype-com-3567 30 19 generation generation NN www-sonatype-com-3567 30 20 supply supply NN www-sonatype-com-3567 30 21 chain chain NN www-sonatype-com-3567 30 22 attacks attack NNS www-sonatype-com-3567 30 23 . . . 
www-sonatype-com-3567 31 1 Software software NN www-sonatype-com-3567 31 2 Supply supply NN www-sonatype-com-3567 31 3 Chain chain NN www-sonatype-com-3567 31 4 Attacks Attacks NNPS www-sonatype-com-3567 31 5 : : : www-sonatype-com-3567 31 6 Past past NN www-sonatype-com-3567 31 7 and and CC www-sonatype-com-3567 31 8 Future Future NNP www-sonatype-com-3567 31 9 Legacy Legacy NNP www-sonatype-com-3567 31 10 software software NN www-sonatype-com-3567 31 11 supply supply NN www-sonatype-com-3567 31 12 chain chain NN www-sonatype-com-3567 31 13 “ " `` www-sonatype-com-3567 31 14 exploits exploit NNS www-sonatype-com-3567 31 15 , , , www-sonatype-com-3567 31 16 ” " '' www-sonatype-com-3567 31 17 such such JJ www-sonatype-com-3567 31 18 as as IN www-sonatype-com-3567 31 19 the the DT www-sonatype-com-3567 31 20 now now RB www-sonatype-com-3567 31 21 famous famous JJ www-sonatype-com-3567 31 22 Struts Struts NNP www-sonatype-com-3567 31 23 incident incident NN www-sonatype-com-3567 31 24 at at IN www-sonatype-com-3567 31 25 Equifax Equifax NNP www-sonatype-com-3567 31 26 , , , www-sonatype-com-3567 31 27 prey prey VB www-sonatype-com-3567 31 28 on on IN www-sonatype-com-3567 31 29 publicly publicly RB www-sonatype-com-3567 31 30 disclosed disclose VBN www-sonatype-com-3567 31 31 open open JJ www-sonatype-com-3567 31 32 source source NN www-sonatype-com-3567 31 33 vulnerabilities vulnerability NNS www-sonatype-com-3567 31 34 that that WDT www-sonatype-com-3567 31 35 are be VBP www-sonatype-com-3567 31 36 left leave VBN www-sonatype-com-3567 31 37 unpatched unpatched JJ www-sonatype-com-3567 31 38 in in IN www-sonatype-com-3567 31 39 the the DT www-sonatype-com-3567 31 40 wild wild NN www-sonatype-com-3567 31 41 . . . 
www-sonatype-com-3567 32 1 Conversely conversely RB www-sonatype-com-3567 32 2 , , , www-sonatype-com-3567 32 3 next next JJ www-sonatype-com-3567 32 4 generation generation NN www-sonatype-com-3567 32 5 software software NN www-sonatype-com-3567 32 6 supply supply NN www-sonatype-com-3567 32 7 chain chain NN www-sonatype-com-3567 32 8 “ " `` www-sonatype-com-3567 32 9 attacks attack NNS www-sonatype-com-3567 32 10 ” " '' www-sonatype-com-3567 32 11 are be VBP www-sonatype-com-3567 32 12 far far RB www-sonatype-com-3567 32 13 more more RBR www-sonatype-com-3567 32 14 sinister sinister JJ www-sonatype-com-3567 32 15 because because IN www-sonatype-com-3567 32 16 bad bad JJ www-sonatype-com-3567 32 17 actors actor NNS www-sonatype-com-3567 32 18 are be VBP www-sonatype-com-3567 32 19 no no RB www-sonatype-com-3567 32 20 longer long RBR www-sonatype-com-3567 32 21 waiting wait VBG www-sonatype-com-3567 32 22 for for IN www-sonatype-com-3567 32 23 public public JJ www-sonatype-com-3567 32 24 vulnerability vulnerability NN www-sonatype-com-3567 32 25 disclosures disclosure NNS www-sonatype-com-3567 32 26 . . . 
www-sonatype-com-3567 33 1 Instead instead RB www-sonatype-com-3567 33 2 , , , www-sonatype-com-3567 33 3 they -PRON- PRP www-sonatype-com-3567 33 4 are be VBP www-sonatype-com-3567 33 5 taking take VBG www-sonatype-com-3567 33 6 the the DT www-sonatype-com-3567 33 7 initiative initiative NN www-sonatype-com-3567 33 8 and and CC www-sonatype-com-3567 33 9 actively actively RB www-sonatype-com-3567 33 10 injecting inject VBG www-sonatype-com-3567 33 11 malicious malicious JJ www-sonatype-com-3567 33 12 code code NN www-sonatype-com-3567 33 13 into into IN www-sonatype-com-3567 33 14 open open JJ www-sonatype-com-3567 33 15 source source NN www-sonatype-com-3567 33 16 projects project NNS www-sonatype-com-3567 33 17 that that WDT www-sonatype-com-3567 33 18 feed feed VBP www-sonatype-com-3567 33 19 the the DT www-sonatype-com-3567 33 20 global global JJ www-sonatype-com-3567 33 21 supply supply NN www-sonatype-com-3567 33 22 chain chain NN www-sonatype-com-3567 33 23 . . . www-sonatype-com-3567 34 1 By by IN www-sonatype-com-3567 34 2 shifting shift VBG www-sonatype-com-3567 34 3 their -PRON- PRP$ www-sonatype-com-3567 34 4 focus focus NN www-sonatype-com-3567 34 5 “ " `` www-sonatype-com-3567 34 6 upstream upstream NNP www-sonatype-com-3567 34 7 , , , www-sonatype-com-3567 34 8 ” " '' www-sonatype-com-3567 34 9 bad bad JJ www-sonatype-com-3567 34 10 actors actor NNS www-sonatype-com-3567 34 11 can can MD www-sonatype-com-3567 34 12 infect infect VB www-sonatype-com-3567 34 13 a a DT www-sonatype-com-3567 34 14 single single JJ www-sonatype-com-3567 34 15 component component NN www-sonatype-com-3567 34 16 , , , www-sonatype-com-3567 34 17 which which WDT www-sonatype-com-3567 34 18 will will MD www-sonatype-com-3567 34 19 then then RB www-sonatype-com-3567 34 20 be be VB www-sonatype-com-3567 34 21 distributed distribute VBN www-sonatype-com-3567 34 22 “ " `` www-sonatype-com-3567 34 23 down- down- JJ www-sonatype-com-3567 34 24 stream stream NN www-sonatype-com-3567 
34 25 ” " '' www-sonatype-com-3567 34 26 using use VBG www-sonatype-com-3567 34 27 legitimate legitimate JJ www-sonatype-com-3567 34 28 software software NN www-sonatype-com-3567 34 29 workflows workflow NNS www-sonatype-com-3567 34 30 and and CC www-sonatype-com-3567 34 31 update update NN www-sonatype-com-3567 34 32 mechanisms mechanism NNS www-sonatype-com-3567 34 33 . . . www-sonatype-com-3567 35 1 Two two CD www-sonatype-com-3567 35 2 high high JJ www-sonatype-com-3567 35 3 profile profile NN www-sonatype-com-3567 35 4 examples example NNS www-sonatype-com-3567 35 5 of of IN www-sonatype-com-3567 35 6 these these DT www-sonatype-com-3567 35 7 modern modern JJ www-sonatype-com-3567 35 8 upstream upstream JJ www-sonatype-com-3567 35 9 attacks attack NNS www-sonatype-com-3567 35 10 are be VBP www-sonatype-com-3567 35 11 event event NN www-sonatype-com-3567 35 12 - - : www-sonatype-com-3567 35 13 stream,1 stream,1 NN www-sonatype-com-3567 35 14 which which WDT www-sonatype-com-3567 35 15 targeted target VBD www-sonatype-com-3567 35 16 the the DT www-sonatype-com-3567 35 17 Copay Copay NNP www-sonatype-com-3567 35 18 cryptocurrency cryptocurrency NN www-sonatype-com-3567 35 19 wallet wallet NN www-sonatype-com-3567 35 20 in in IN www-sonatype-com-3567 35 21 November November NNP www-sonatype-com-3567 35 22 2018 2018 CD www-sonatype-com-3567 35 23 , , , www-sonatype-com-3567 35 24 and and CC www-sonatype-com-3567 35 25 the the DT www-sonatype-com-3567 35 26 recent recent JJ www-sonatype-com-3567 35 27 Octopus Octopus NNP www-sonatype-com-3567 35 28 Scanner Scanner NNP www-sonatype-com-3567 35 29 Malware Malware NNP www-sonatype-com-3567 35 30 targeting target VBG www-sonatype-com-3567 35 31 the the DT www-sonatype-com-3567 35 32 NetBeans NetBeans NNP www-sonatype-com-3567 35 33 open open JJ www-sonatype-com-3567 35 34 source source NN www-sonatype-com-3567 35 35 IDE IDE NNP www-sonatype-com-3567 35 36 in in IN www-sonatype-com-3567 35 37 May May NNP 
www-sonatype-com-3567 35 38 2020.2 2020.2 CD www-sonatype-com-3567 35 39 According accord VBG www-sonatype-com-3567 35 40 to to IN www-sonatype-com-3567 35 41 security security NN www-sonatype-com-3567 35 42 researchers researcher NNS www-sonatype-com-3567 35 43 at at IN www-sonatype-com-3567 35 44 the the DT www-sonatype-com-3567 35 45 University University NNP www-sonatype-com-3567 35 46 of of IN www-sonatype-com-3567 35 47 Bonn Bonn NNP www-sonatype-com-3567 35 48 , , , www-sonatype-com-3567 35 49 SAP SAP NNP www-sonatype-com-3567 35 50 Labs Labs NNP www-sonatype-com-3567 35 51 France France NNP www-sonatype-com-3567 35 52 , , , www-sonatype-com-3567 35 53 and and CC www-sonatype-com-3567 35 54 Fraunhofer Fraunhofer NNP www-sonatype-com-3567 35 55 FKIE FKIE NNP www-sonatype-com-3567 35 56 , , , www-sonatype-com-3567 35 57 “ " `` www-sonatype-com-3567 35 58 From from IN www-sonatype-com-3567 35 59 an an DT www-sonatype-com-3567 35 60 attacker attacker NN www-sonatype-com-3567 35 61 ’s ’s POS www-sonatype-com-3567 35 62 point point NN www-sonatype-com-3567 35 63 of of IN www-sonatype-com-3567 35 64 view view NN www-sonatype-com-3567 35 65 , , , www-sonatype-com-3567 35 66 [ [ -LRB- www-sonatype-com-3567 35 67 large large JJ www-sonatype-com-3567 35 68 scale scale NN www-sonatype-com-3567 35 69 , , , www-sonatype-com-3567 35 70 public public JJ www-sonatype-com-3567 35 71 inter- inter- XX www-sonatype-com-3567 35 72 net net NN www-sonatype-com-3567 35 73 - - HYPH www-sonatype-com-3567 35 74 based base VBN www-sonatype-com-3567 35 75 ] ] -RRB- www-sonatype-com-3567 35 76 package package NN www-sonatype-com-3567 35 77 repositories repository NNS www-sonatype-com-3567 35 78 represent represent VBP www-sonatype-com-3567 35 79 a a DT www-sonatype-com-3567 35 80 reliable reliable JJ www-sonatype-com-3567 35 81 and and CC www-sonatype-com-3567 35 82 scalable scalable JJ www-sonatype-com-3567 35 83 malware malware JJ www-sonatype-com-3567 35 84 distribution distribution NN 
www-sonatype-com-3567 35 85 channel channel NN www-sonatype-com-3567 35 86 . . . www-sonatype-com-3567 36 1 Thus thus RB www-sonatype-com-3567 36 2 far far RB www-sonatype-com-3567 36 3 , , , www-sonatype-com-3567 36 4 Node.js Node.js NNP www-sonatype-com-3567 36 5 ( ( -LRB- www-sonatype-com-3567 36 6 npm npm NNP www-sonatype-com-3567 36 7 ) ) -RRB- www-sonatype-com-3567 36 8 and and CC www-sonatype-com-3567 36 9 Python Python NNP www-sonatype-com-3567 36 10 ( ( -LRB- www-sonatype-com-3567 36 11 PyPI PyPI NNP www-sonatype-com-3567 36 12 ) ) -RRB- www-sonatype-com-3567 36 13 repositories repository NNS www-sonatype-com-3567 36 14 have have VBP www-sonatype-com-3567 36 15 been be VBN www-sonatype-com-3567 36 16 the the DT www-sonatype-com-3567 36 17 primary primary JJ www-sonatype-com-3567 36 18 targets target NNS www-sonatype-com-3567 36 19 of of IN www-sonatype-com-3567 36 20 malicious malicious JJ www-sonatype-com-3567 36 21 packages package NNS www-sonatype-com-3567 36 22 , , , www-sonatype-com-3567 36 23 supposedly supposedly RB www-sonatype-com-3567 36 24 due due IN www-sonatype-com-3567 36 25 to to IN www-sonatype-com-3567 36 26 the the DT www-sonatype-com-3567 36 27 fact fact NN www-sonatype-com-3567 36 28 that that IN www-sonatype-com-3567 36 29 malicious malicious JJ www-sonatype-com-3567 36 30 code code NN www-sonatype-com-3567 36 31 can can MD www-sonatype-com-3567 36 32 be be VB www-sonatype-com-3567 36 33 easily easily RB www-sonatype-com-3567 36 34 triggered trigger VBN www-sonatype-com-3567 36 35 during during IN www-sonatype-com-3567 36 36 package package NN www-sonatype-com-3567 36 37 installation installation NN www-sonatype-com-3567 36 38 . . . 
www-sonatype-com-3567 36 39 ”3 ”3 NNP www-sonatype-com-3567 36 40 Next next JJ www-sonatype-com-3567 36 41 - - HYPH www-sonatype-com-3567 36 42 generation generation NN www-sonatype-com-3567 36 43 software software NN www-sonatype-com-3567 36 44 supply supply NN www-sonatype-com-3567 36 45 chain chain NN www-sonatype-com-3567 36 46 attacks attack NNS www-sonatype-com-3567 36 47 are be VBP www-sonatype-com-3567 36 48 possible possible JJ www-sonatype-com-3567 36 49 for for IN www-sonatype-com-3567 36 50 three three CD www-sonatype-com-3567 36 51 reasons reason NNS www-sonatype-com-3567 36 52 : : : www-sonatype-com-3567 36 53 1 1 LS www-sonatype-com-3567 36 54 . . . www-sonatype-com-3567 37 1 Open open JJ www-sonatype-com-3567 37 2 source source NN www-sonatype-com-3567 37 3 projects project NNS www-sonatype-com-3567 37 4 rely rely VBP www-sonatype-com-3567 37 5 on on IN www-sonatype-com-3567 37 6 contributions contribution NNS www-sonatype-com-3567 37 7 from from IN www-sonatype-com-3567 37 8 thousands thousand NNS www-sonatype-com-3567 37 9 of of IN www-sonatype-com-3567 37 10 volunteer volunteer NN www-sonatype-com-3567 37 11 developers developer NNS www-sonatype-com-3567 37 12 , , , www-sonatype-com-3567 37 13 and and CC www-sonatype-com-3567 37 14 discriminating discriminate VBG www-sonatype-com-3567 37 15 between between IN www-sonatype-com-3567 37 16 community community NN www-sonatype-com-3567 37 17 members member NNS www-sonatype-com-3567 37 18 with with IN www-sonatype-com-3567 37 19 good good JJ www-sonatype-com-3567 37 20 or or CC www-sonatype-com-3567 37 21 malicious malicious JJ www-sonatype-com-3567 37 22 intent intent NN www-sonatype-com-3567 37 23 is be VBZ www-sonatype-com-3567 37 24 difficult difficult JJ www-sonatype-com-3567 37 25 , , , www-sonatype-com-3567 37 26 if if IN www-sonatype-com-3567 37 27 not not RB www-sonatype-com-3567 37 28 impossible impossible JJ www-sonatype-com-3567 37 29 . . . 
www-sonatype-com-3567 38 1 2 2 LS www-sonatype-com-3567 38 2 . . . www-sonatype-com-3567 39 1 Open open JJ www-sonatype-com-3567 39 2 source source NN www-sonatype-com-3567 39 3 projects project VBZ www-sonatype-com-3567 39 4 themselves -PRON- PRP www-sonatype-com-3567 39 5 typically typically RB www-sonatype-com-3567 39 6 incorporate incorporate VBP www-sonatype-com-3567 39 7 hundreds hundred NNS www-sonatype-com-3567 39 8 — — : www-sonatype-com-3567 39 9 if if IN www-sonatype-com-3567 39 10 not not RB www-sonatype-com-3567 39 11 thousands thousand NNS www-sonatype-com-3567 39 12 — — : www-sonatype-com-3567 39 13 of of IN www-sonatype-com-3567 39 14 dependencies dependency NNS www-sonatype-com-3567 39 15 from from IN www-sonatype-com-3567 39 16 other other JJ www-sonatype-com-3567 39 17 open open JJ www-sonatype-com-3567 39 18 source source NN www-sonatype-com-3567 39 19 projects project NNS www-sonatype-com-3567 39 20 , , , www-sonatype-com-3567 39 21 which which WDT www-sonatype-com-3567 39 22 may may MD www-sonatype-com-3567 39 23 contain contain VB www-sonatype-com-3567 39 24 known known JJ www-sonatype-com-3567 39 25 vulnerabilities vulnerability NNS www-sonatype-com-3567 39 26 . . . 
www-sonatype-com-3567 40 1 While while IN www-sonatype-com-3567 40 2 some some DT www-sonatype-com-3567 40 3 open open JJ www-sonatype-com-3567 40 4 source source NN www-sonatype-com-3567 40 5 projects project NNS www-sonatype-com-3567 40 6 demonstrate demonstrate VBP www-sonatype-com-3567 40 7 exemplary exemplary JJ www-sonatype-com-3567 40 8 hygiene hygiene NN www-sonatype-com-3567 40 9 as as IN www-sonatype-com-3567 40 10 measured measure VBN www-sonatype-com-3567 40 11 by by IN www-sonatype-com-3567 40 12 mean mean JJ www-sonatype-com-3567 40 13 time time NN www-sonatype-com-3567 40 14 to to TO www-sonatype-com-3567 40 15 remediate remediate VB www-sonatype-com-3567 40 16 ( ( -LRB- www-sonatype-com-3567 40 17 MTTR MTTR NNP www-sonatype-com-3567 40 18 ) ) -RRB- www-sonatype-com-3567 40 19 and and CC www-sonatype-com-3567 40 20 mean mean VB www-sonatype-com-3567 40 21 time time NN www-sonatype-com-3567 40 22 to to TO www-sonatype-com-3567 40 23 update update VB www-sonatype-com-3567 40 24 ( ( -LRB- www-sonatype-com-3567 40 25 MTTU MTTU NNP www-sonatype-com-3567 40 26 ) ) -RRB- www-sonatype-com-3567 40 27 , , , www-sonatype-com-3567 40 28 many many JJ www-sonatype-com-3567 40 29 others other NNS www-sonatype-com-3567 40 30 do do VBP www-sonatype-com-3567 40 31 not not RB www-sonatype-com-3567 40 32 ( ( -LRB- www-sonatype-com-3567 40 33 see see VB www-sonatype-com-3567 40 34 Chapter chapter NN www-sonatype-com-3567 40 35 3 3 CD www-sonatype-com-3567 40 36 ) ) -RRB- www-sonatype-com-3567 40 37 . . . 
www-sonatype-com-3567 41 1 The the DT www-sonatype-com-3567 41 2 sheer sheer JJ www-sonatype-com-3567 41 3 volume volume NN www-sonatype-com-3567 41 4 of of IN www-sonatype-com-3567 41 5 open open JJ www-sonatype-com-3567 41 6 source source NN www-sonatype-com-3567 41 7 in in IN www-sonatype-com-3567 41 8 use use NN www-sonatype-com-3567 41 9 and and CC www-sonatype-com-3567 41 10 the the DT www-sonatype-com-3567 41 11 massive massive JJ www-sonatype-com-3567 41 12 number number NN www-sonatype-com-3567 41 13 of of IN www-sonatype-com-3567 41 14 dependencies dependency NNS www-sonatype-com-3567 41 15 makes make VBZ www-sonatype-com-3567 41 16 it -PRON- PRP www-sonatype-com-3567 41 17 difficult difficult JJ www-sonatype-com-3567 41 18 to to TO www-sonatype-com-3567 41 19 quickly quickly RB www-sonatype-com-3567 41 20 evaluate evaluate VB www-sonatype-com-3567 41 21 the the DT www-sonatype-com-3567 41 22 quality quality NN www-sonatype-com-3567 41 23 and and CC www-sonatype-com-3567 41 24 security security NN www-sonatype-com-3567 41 25 of of IN www-sonatype-com-3567 41 26 every every DT www-sonatype-com-3567 41 27 new new JJ www-sonatype-com-3567 41 28 version version NN www-sonatype-com-3567 41 29 of of IN www-sonatype-com-3567 41 30 a a DT www-sonatype-com-3567 41 31 dependency dependency NN www-sonatype-com-3567 41 32 . . . www-sonatype-com-3567 42 1 3 3 LS www-sonatype-com-3567 42 2 . . . 
www-sonatype-com-3567 43 1 The the DT www-sonatype-com-3567 43 2 ethos ethos NN www-sonatype-com-3567 43 3 of of IN www-sonatype-com-3567 43 4 open open JJ www-sonatype-com-3567 43 5 source source NN www-sonatype-com-3567 43 6 is be VBZ www-sonatype-com-3567 43 7 built build VBN www-sonatype-com-3567 43 8 on on IN www-sonatype-com-3567 43 9 “ " `` www-sonatype-com-3567 43 10 shared share VBN www-sonatype-com-3567 43 11 trust trust NN www-sonatype-com-3567 43 12 ” " '' www-sonatype-com-3567 43 13 between between IN www-sonatype-com-3567 43 14 a a DT www-sonatype-com-3567 43 15 global global JJ www-sonatype-com-3567 43 16 community community NN www-sonatype-com-3567 43 17 of of IN www-sonatype-com-3567 43 18 individu- individu- FW www-sonatype-com-3567 43 19 als als NNP www-sonatype-com-3567 43 20 , , , www-sonatype-com-3567 43 21 which which WDT www-sonatype-com-3567 43 22 creates create VBZ www-sonatype-com-3567 43 23 a a DT www-sonatype-com-3567 43 24 fertile fertile JJ www-sonatype-com-3567 43 25 environment environment NN www-sonatype-com-3567 43 26 whereby whereby WRB www-sonatype-com-3567 43 27 bad bad JJ www-sonatype-com-3567 43 28 actors actor NNS www-sonatype-com-3567 43 29 can can MD www-sonatype-com-3567 43 30 prey prey VB www-sonatype-com-3567 43 31 upon upon IN www-sonatype-com-3567 43 32 good good JJ www-sonatype-com-3567 43 33 people people NNS www-sonatype-com-3567 43 34 with with IN www-sonatype-com-3567 43 35 surprising surprising JJ www-sonatype-com-3567 43 36 ease ease NN www-sonatype-com-3567 43 37 . . . 
www-sonatype-com-3567 44 106 inherits inherit VBZ www-sonatype-com-3567 44 107 safe safe JJ www-sonatype-com-3567 44 108 - - HYPH www-sonatype-com-3567 44 109 buffer buffer NN www-sonatype-com-3567 44 112 lodash lodash NNP www-sonatype-com-3567 44 113 core core JJ www-sonatype-com-3567 44 114 - - HYPH www-sonatype-com-3567 44 115 util util RB www-sonatype-com-3567 44 116 - - HYPH www-sonatype-com-3567 44 117 is be VBZ www-sonatype-com-3567 44 118 ms ms NNP
www-sonatype-com-3567 44 163 SOURCE SOURCE NNP www-sonatype-com-3567 44 164 1A 1A VBZ www-sonatype-com-3567 44 165 , , , www-sonatype-com-3567 44 166 1B 1b NN www-sonatype-com-3567 44 167 : : : www-sonatype-com-3567 44 168 Markus Markus NNP www-sonatype-com-3567 44 169 Zimmermann Zimmermann NNP www-sonatype-com-3567 44 170 and and CC www-sonatype-com-3567 44 171 Cristian Cristian NNP www-sonatype-com-3567 44 172 - - HYPH www-sonatype-com-3567 44 173 Alexandru Alexandru NNP www-sonatype-com-3567 44 174 Staicu Staicu NNP www-sonatype-com-3567 44 175 , , , www-sonatype-com-3567 44 176 TU TU NNP www-sonatype-com-3567 44 177 Darmstadt Darmstadt NNP www-sonatype-com-3567 44 178 ; ; : www-sonatype-com-3567 44 179 Cam Cam NNP www-sonatype-com-3567 44 180 Tenny Tenny NNP www-sonatype-com-3567 44 181 , , , www-sonatype-com-3567 44 182 r2c r2c NNP www-sonatype-com-3567 44 183 ; ; : www-sonatype-com-3567 44 184 Michael Michael NNP www-sonatype-com-3567 44 185 Pradel Pradel NNP www-sonatype-com-3567 44 186 , , , www-sonatype-com-3567 44 187 TU TU NNP www-sonatype-com-3567 44 188 Darmstadt Darmstadt NNP
www-sonatype-com-3567 44 189 FIGURE FIGURE NNP www-sonatype-com-3567 44 190 1A 1a CD www-sonatype-com-3567 44 191 Combined Combined NNP www-sonatype-com-3567 44 192 Reach Reach NNP www-sonatype-com-3567 44 193 of of IN www-sonatype-com-3567 44 194 100 100 CD www-sonatype-com-3567 44 195 Influential Influential NNP www-sonatype-com-3567 44 196 Maintainers Maintainers NNPS www-sonatype-com-3567 44 197 FIGURE figure VBP www-sonatype-com-3567 44 198 1B 1b RB www-sonatype-com-3567 44 199 Evolution evolution NN www-sonatype-com-3567 44 200 of of IN www-sonatype-com-3567 44 201 Package Package NNP www-sonatype-com-3567 44 202 Reach Reach NNP www-sonatype-com-3567 44 203 for for IN www-sonatype-com-3567 44 204 the the DT www-sonatype-com-3567 44 205 Top Top NNP www-sonatype-com-3567 44 206 5 5 CD www-sonatype-com-3567 44 207 npm npm NN www-sonatype-com-3567 44 208 Packages package NNS www-sonatype-com-3567 44 248 In in IN www-sonatype-com-3567
44 249 2019 2019 CD www-sonatype-com-3567 44 250 Darmstadt Darmstadt NNP www-sonatype-com-3567 44 251 University University NNP www-sonatype-com-3567 44 252 researchers researcher NNS www-sonatype-com-3567 44 253 found find VBD www-sonatype-com-3567 44 254 that that IN www-sonatype-com-3567 44 255 a a DT www-sonatype-com-3567 44 256 typical typical JJ www-sonatype-com-3567 44 257 npm npm NN www-sonatype-com-3567 44 258 package package NN www-sonatype-com-3567 44 259 contained contain VBD www-sonatype-com-3567 44 260 an an DT www-sonatype-com-3567 44 261 abnor- abnor- JJ www-sonatype-com-3567 44 262 mally mally RB www-sonatype-com-3567 44 263 large large JJ www-sonatype-com-3567 44 264 number number NN www-sonatype-com-3567 44 265 of of IN www-sonatype-com-3567 44 266 dependencies dependency NNS www-sonatype-com-3567 44 267 — — : www-sonatype-com-3567 44 268 loading load VBG www-sonatype-com-3567 44 269 an an DT www-sonatype-com-3567 44 270 average average NN www-sonatype-com-3567 44 271 of of IN www-sonatype-com-3567 44 272 79 79 CD www-sonatype-com-3567 44 273 third third JJ www-sonatype-com-3567 44 274 - - HYPH www-sonatype-com-3567 44 275 party party NN www-sonatype-com-3567 44 276 packages package NNS www-sonatype-com-3567 44 277 from from IN www-sonatype-com-3567 44 278 39 39 CD www-sonatype-com-3567 44 279 different different JJ www-sonatype-com-3567 44 280 maintainers maintainer NNS www-sonatype-com-3567 44 281 . . . 
www-sonatype-com-3567 45 1 The the DT www-sonatype-com-3567 45 2 research research NN www-sonatype-com-3567 45 3 team team NN www-sonatype-com-3567 45 4 also also RB www-sonatype-com-3567 45 5 found find VBD www-sonatype-com-3567 45 6 that that IN www-sonatype-com-3567 45 7 391 391 CD www-sonatype-com-3567 45 8 highly highly RB www-sonatype-com-3567 45 9 influential influential JJ www-sonatype-com-3567 45 10 project project NN www-sonatype-com-3567 45 11 contribu- contribu- NN www-sonatype-com-3567 45 12 tors tor NNS www-sonatype-com-3567 45 13 affect affect VBP www-sonatype-com-3567 45 14 more more JJR www-sonatype-com-3567 45 15 than than IN www-sonatype-com-3567 45 16 10,000 10,000 CD www-sonatype-com-3567 45 17 components component NNS www-sonatype-com-3567 45 18 through through IN www-sonatype-com-3567 45 19 their -PRON- PRP$ www-sonatype-com-3567 45 20 complex complex JJ www-sonatype-com-3567 45 21 web web NN www-sonatype-com-3567 45 22 of of IN www-sonatype-com-3567 45 23 dependencies.4 dependencies.4 CD www-sonatype-com-3567 45 24 If if IN www-sonatype-com-3567 45 25 an an DT www-sonatype-com-3567 45 26 adversary adversary NN www-sonatype-com-3567 45 27 were be VBD www-sonatype-com-3567 45 28 to to TO www-sonatype-com-3567 45 29 successfully successfully RB www-sonatype-com-3567 45 30 identify identify VB www-sonatype-com-3567 45 31 entry entry NN www-sonatype-com-3567 45 32 points point NNS www-sonatype-com-3567 45 33 into into IN www-sonatype-com-3567 45 34 projects project NNS www-sonatype-com-3567 45 35 supported support VBN www-sonatype-com-3567 45 36 by by IN www-sonatype-com-3567 45 37 one one CD www-sonatype-com-3567 45 38 of of IN www-sonatype-com-3567 45 39 these these DT www-sonatype-com-3567 45 40 391 391 CD www-sonatype-com-3567 45 41 maintainers maintainer NNS www-sonatype-com-3567 45 42 , , , www-sonatype-com-3567 45 43 they -PRON- PRP www-sonatype-com-3567 45 44 could could MD www-sonatype-com-3567 45 45 dramatically dramatically RB 
www-sonatype-com-3567 45 46 widen widen VB www-sonatype-com-3567 45 47 the the DT www-sonatype-com-3567 45 48 aperture aperture NN www-sonatype-com-3567 45 49 and and CC www-sonatype-com-3567 45 50 impact impact NN www-sonatype-com-3567 45 51 of of IN www-sonatype-com-3567 45 52 their -PRON- PRP$ www-sonatype-com-3567 45 53 open open JJ www-sonatype-com-3567 45 54 source source NN www-sonatype-com-3567 45 55 supply supply NN www-sonatype-com-3567 45 56 chain chain NN www-sonatype-com-3567 45 57 attacks attack NNS www-sonatype-com-3567 45 58 . . . www-sonatype-com-3567 46 1 For for IN www-sonatype-com-3567 46 2 example example NN www-sonatype-com-3567 46 3 , , , www-sonatype-com-3567 46 4 the the DT www-sonatype-com-3567 46 5 Darmstadt Darmstadt NNP www-sonatype-com-3567 46 6 team team NN www-sonatype-com-3567 46 7 said say VBD www-sonatype-com-3567 46 8 that that IN www-sonatype-com-3567 46 9 adversaries adversary NNS www-sonatype-com-3567 46 10 gaining gain VBG www-sonatype-com-3567 46 11 access access NN www-sonatype-com-3567 46 12 to to IN www-sonatype-com-3567 46 13 20 20 CD www-sonatype-com-3567 46 14 popular popular JJ www-sonatype-com-3567 46 15 npm npm NN www-sonatype-com-3567 46 16 maintainer maintainer NN www-sonatype-com-3567 46 17 accounts account NNS www-sonatype-com-3567 46 18 could could MD www-sonatype-com-3567 46 19 deploy deploy VB www-sonatype-com-3567 46 20 malicious malicious JJ www-sonatype-com-3567 46 21 code code NN www-sonatype-com-3567 46 22 impacting impact VBG www-sonatype-com-3567 46 23 more more JJR www-sonatype-com-3567 46 24 than than IN www-sonatype-com-3567 46 25 half half NN www-sonatype-com-3567 46 26 of of IN www-sonatype-com-3567 46 27 the the DT www-sonatype-com-3567 46 28 npm npm NNP www-sonatype-com-3567 46 29 ecosys- ecosys- NNP www-sonatype-com-3567 46 30 tem tem NNP www-sonatype-com-3567 46 31 ( ( -LRB- www-sonatype-com-3567 46 32 FIGURE FIGURE NNP www-sonatype-com-3567 46 33 1A 1a CD www-sonatype-com-3567 46 34 ) ) -RRB- 
www-sonatype-com-3567 46 35 . . . www-sonatype-com-3567 47 1 Furthermore furthermore RB www-sonatype-com-3567 47 2 , , , www-sonatype-com-3567 47 3 the the DT www-sonatype-com-3567 47 4 researchers researcher NNS www-sonatype-com-3567 47 5 found find VBD www-sonatype-com-3567 47 6 that that IN www-sonatype-com-3567 47 7 the the DT www-sonatype-com-3567 47 8 package package NN www-sonatype-com-3567 47 9 reach reach NN www-sonatype-com-3567 47 10 of of IN www-sonatype-com-3567 47 11 the the DT www-sonatype-com-3567 47 12 top top JJ www-sonatype-com-3567 47 13 5 5 CD www-sonatype-com-3567 47 14 packages package NNS www-sonatype-com-3567 47 15 was be VBD www-sonatype-com-3567 47 16 between between IN www-sonatype-com-3567 47 17 134,774 134,774 CD www-sonatype-com-3567 47 18 and and CC www-sonatype-com-3567 47 19 166,086 166,086 CD www-sonatype-com-3567 47 20 other other JJ www-sonatype-com-3567 47 21 packages package NNS www-sonatype-com-3567 47 22 , , , www-sonatype-com-3567 47 23 making make VBG www-sonatype-com-3567 47 24 them -PRON- PRP www-sonatype-com-3567 47 25 an an DT www-sonatype-com-3567 47 26 extremely extremely RB www-sonatype-com-3567 47 27 attractive attractive JJ www-sonatype-com-3567 47 28 target target NN www-sonatype-com-3567 47 29 for for IN www-sonatype-com-3567 47 30 attackers attacker NNS www-sonatype-com-3567 47 31 ( ( -LRB- www-sonatype-com-3567 47 32 FIGURE FIGURE NNP www-sonatype-com-3567 47 33 1B).5 1B).5 NNP www-sonatype-com-3567 47 34 Exacerbating exacerbate VBG www-sonatype-com-3567 47 35 the the DT www-sonatype-com-3567 47 36 risks risk NNS www-sonatype-com-3567 47 37 even even RB www-sonatype-com-3567 47 38 further far RBR www-sonatype-com-3567 47 39 , , , www-sonatype-com-3567 47 40 the the DT www-sonatype-com-3567 47 41 Linux Linux NNP www-sonatype-com-3567 47 42 Foundation Foundation NNP www-sonatype-com-3567 47 43 ’s ’s POS www-sonatype-com-3567 47 44 Core Core NNP www-sonatype-com-3567 47 45 Infrastructure Infrastructure NNP 
www-sonatype-com-3567 47 46 Initiative Initiative NNP www-sonatype-com-3567 47 47 found find VBD www-sonatype-com-3567 47 48 that that DT www-sonatype-com-3567 47 49 of of IN www-sonatype-com-3567 47 50 the the DT www-sonatype-com-3567 47 51 top top JJ www-sonatype-com-3567 47 52 10 10 CD www-sonatype-com-3567 47 53 most most RBS www-sonatype-com-3567 47 54 - - HYPH www-sonatype-com-3567 47 55 used use VBN www-sonatype-com-3567 47 56 software software NN www-sonatype-com-3567 47 57 packages package NNS www-sonatype-com-3567 47 58 , , , www-sonatype-com-3567 47 59 seven seven CD www-sonatype-com-3567 47 60 were be VBD www-sonatype-com-3567 47 61 hosted host VBN www-sonatype-com-3567 47 62 under under IN www-sonatype-com-3567 47 63 individual individual JJ www-sonatype-com-3567 47 64 developer developer NN www-sonatype-com-3567 47 65 accounts account NNS www-sonatype-com-3567 47 66 ; ; : www-sonatype-com-3567 47 67 the the DT www-sonatype-com-3567 47 68 researchers researcher NNS www-sonatype-com-3567 47 69 then then RB www-sonatype-com-3567 47 70 questioned question VBD www-sonatype-com-3567 47 71 “ " `` www-sonatype-com-3567 47 72 what what WP www-sonatype-com-3567 47 73 happens happen VBZ www-sonatype-com-3567 47 74 if if IN www-sonatype-com-3567 47 75 one one CD www-sonatype-com-3567 47 76 of of IN www-sonatype-com-3567 47 77 these these DT www-sonatype-com-3567 47 78 accounts account NNS www-sonatype-com-3567 47 79 is be VBZ www-sonatype-com-3567 47 80 hacked hack VBN www-sonatype-com-3567 47 81 ? ? . 
www-sonatype-com-3567 48 1 Would Would MD www-sonatype-com-3567 48 2 you -PRON- PRP www-sonatype-com-3567 48 3 , , , www-sonatype-com-3567 48 4 farther farther RB www-sonatype-com-3567 48 5 down down IN www-sonatype-com-3567 48 6 the the DT www-sonatype-com-3567 48 7 software software NN www-sonatype-com-3567 48 8 supply supply NN www-sonatype-com-3567 48 9 chain chain NN www-sonatype-com-3567 48 10 , , , www-sonatype-com-3567 48 11 even even RB www-sonatype-com-3567 48 12 know?”6 know?”6 NNP www-sonatype-com-3567 48 13 Rise Rise NNP www-sonatype-com-3567 48 14 of of IN www-sonatype-com-3567 48 15 Next next JJ www-sonatype-com-3567 48 16 - - HYPH www-sonatype-com-3567 48 17 Gen Gen NNP www-sonatype-com-3567 48 18 Software Software NNP www-sonatype-com-3567 48 19 Supply Supply NNP www-sonatype-com-3567 48 20 Chain Chain NNP www-sonatype-com-3567 48 21 Attacks attack NNS www-sonatype-com-3567 48 22 ( ( -LRB- www-sonatype-com-3567 48 23 2015 2015 CD www-sonatype-com-3567 48 24 - - SYM www-sonatype-com-3567 48 25 2020 2020 CD www-sonatype-com-3567 48 26 ) ) -RRB- www-sonatype-com-3567 48 27 Next next JJ www-sonatype-com-3567 48 28 generation generation NN www-sonatype-com-3567 48 29 cyber cyber JJ www-sonatype-com-3567 48 30 attacks attack NNS www-sonatype-com-3567 48 31 actively actively RB www-sonatype-com-3567 48 32 targeting target VBG www-sonatype-com-3567 48 33 open open JJ www-sonatype-com-3567 48 34 source source NN www-sonatype-com-3567 48 35 software software NN www-sonatype-com-3567 48 36 projects project NNS www-sonatype-com-3567 48 37 have have VBP www-sonatype-com-3567 48 38 increased increase VBN www-sonatype-com-3567 48 39 430 430 CD www-sonatype-com-3567 48 40 % % NN www-sonatype-com-3567 48 41 since since IN www-sonatype-com-3567 48 42 we -PRON- PRP www-sonatype-com-3567 48 43 published publish VBD www-sonatype-com-3567 48 44 this this DT www-sonatype-com-3567 48 45 report report NN www-sonatype-com-3567 48 46 last last JJ www-sonatype-com-3567 48 47 
year year NN www-sonatype-com-3567 48 48 . . . www-sonatype-com-3567 49 1 From from IN www-sonatype-com-3567 49 2 February February NNP www-sonatype-com-3567 49 3 2015 2015 CD www-sonatype-com-3567 49 4 to to IN www-sonatype-com-3567 49 5 June June NNP www-sonatype-com-3567 49 6 2019 2019 CD www-sonatype-com-3567 49 7 , , , www-sonatype-com-3567 49 8 216 216 CD www-sonatype-com-3567 49 9 such such JJ www-sonatype-com-3567 49 10 attacks attack NNS www-sonatype-com-3567 49 11 were be VBD www-sonatype-com-3567 49 12 recorded record VBN www-sonatype-com-3567 49 13 . . . www-sonatype-com-3567 50 1 Then then RB www-sonatype-com-3567 50 2 from from IN www-sonatype-com-3567 50 3 July July NNP www-sonatype-com-3567 50 4 2019 2019 CD www-sonatype-com-3567 50 5 to to IN www-sonatype-com-3567 50 6 May May NNP www-sonatype-com-3567 50 7 2020 2020 CD www-sonatype-com-3567 50 8 an an DT www-sonatype-com-3567 50 9 additional additional JJ www-sonatype-com-3567 50 10 929 929 CD www-sonatype-com-3567 50 11 attacks attack NNS www-sonatype-com-3567 50 12 were be VBD www-sonatype-com-3567 50 13 documented document VBN www-sonatype-com-3567 50 14 ( ( -LRB- www-sonatype-com-3567 50 15 FIGURE FIGURE NNP www-sonatype-com-3567 50 16 1C 1c NN www-sonatype-com-3567 50 17 ) ) -RRB- www-sonatype-com-3567 50 18 . . . 
www-sonatype-com-3567 51 1 The the DT www-sonatype-com-3567 51 2 most most RBS www-sonatype-com-3567 51 3 common common JJ www-sonatype-com-3567 51 4 type type NN www-sonatype-com-3567 51 5 of of IN www-sonatype-com-3567 51 6 attack attack NN www-sonatype-com-3567 51 7 is be VBZ www-sonatype-com-3567 51 8 Typosquatting typosquatting NN www-sonatype-com-3567 51 9 , , , www-sonatype-com-3567 51 10 an an DT www-sonatype-com-3567 51 11 indirect indirect JJ www-sonatype-com-3567 51 12 attack attack NN www-sonatype-com-3567 51 13 vector vector NN www-sonatype-com-3567 51 14 that that WDT www-sonatype-com-3567 51 15 preys prey VBZ www-sonatype-com-3567 51 16 on on IN www-sonatype-com-3567 51 17 developers developer NNS www-sonatype-com-3567 51 18 making make VBG www-sonatype-com-3567 51 19 otherwise otherwise RB www-sonatype-com-3567 51 20 innocent innocent JJ www-sonatype-com-3567 51 21 typos typo NNS www-sonatype-com-3567 51 22 when when WRB www-sonatype-com-3567 51 23 searching search VBG www-sonatype-com-3567 51 24 for for IN www-sonatype-com-3567 51 25 popular popular JJ www-sonatype-com-3567 51 26 components component NNS www-sonatype-com-3567 51 27 . . . 
www-sonatype-com-3567 52 1 If if IN www-sonatype-com-3567 52 2 a a DT www-sonatype-com-3567 52 3 developer developer NN www-sonatype-com-3567 52 4 accidentally accidentally RB www-sonatype-com-3567 52 5 types type VBZ www-sonatype-com-3567 52 6 “ " `` www-sonatype-com-3567 52 7 lodahs lodah NNS www-sonatype-com-3567 52 8 ” " '' www-sonatype-com-3567 52 9 when when WRB www-sonatype-com-3567 52 10 their -PRON- PRP$ www-sonatype-com-3567 52 11 intention intention NN www-sonatype-com-3567 52 12 is be VBZ www-sonatype-com-3567 52 13 to to TO www-sonatype-com-3567 52 14 source source VB www-sonatype-com-3567 52 15 “ " `` www-sonatype-com-3567 52 16 lodash lodash NNP www-sonatype-com-3567 52 17 , , , www-sonatype-com-3567 52 18 ” " '' www-sonatype-com-3567 52 19 they -PRON- PRP www-sonatype-com-3567 52 20 might may MD www-sonatype-com-3567 52 21 accidentally accidentally RB www-sonatype-com-3567 52 22 install install VB www-sonatype-com-3567 52 23 a a DT www-sonatype-com-3567 52 24 malicious malicious JJ www-sonatype-com-3567 52 25 component component NN www-sonatype-com-3567 52 26 of of IN www-sonatype-com-3567 52 27 a a DT www-sonatype-com-3567 52 28 similar similar JJ www-sonatype-com-3567 52 29 name name NN www-sonatype-com-3567 52 30 ( ( -LRB- www-sonatype-com-3567 52 31 see see VB www-sonatype-com-3567 52 32 Lodahs Lodahs NNP www-sonatype-com-3567 52 33 , , , www-sonatype-com-3567 52 34 November November NNP www-sonatype-com-3567 52 35 2019 2019 CD www-sonatype-com-3567 52 36 ) ) -RRB- www-sonatype-com-3567 52 37 . . . 
www-sonatype-com-3567 53 1 Another another DT www-sonatype-com-3567 53 2 common common JJ www-sonatype-com-3567 53 3 attack attack NN www-sonatype-com-3567 53 4 is be VBZ www-sonatype-com-3567 53 5 Malicious Malicious NNP www-sonatype-com-3567 53 6 Code Code NNP www-sonatype-com-3567 53 7 Injection Injection NNP www-sonatype-com-3567 53 8 , , , www-sonatype-com-3567 53 9 which which WDT www-sonatype-com-3567 53 10 is be VBZ www-sonatype-com-3567 53 11 carried carry VBN www-sonatype-com-3567 53 12 out out RP www-sonatype-com-3567 53 13 through through IN www-sonatype-com-3567 53 14 a a DT www-sonatype-com-3567 53 15 variety variety NN www-sonatype-com-3567 53 16 of of IN www-sonatype-com-3567 53 17 means mean NNS www-sonatype-com-3567 53 18 , , , www-sonatype-com-3567 53 19 includ- includ- NNP www-sonatype-com-3567 53 20 ing ing NNP www-sonatype-com-3567 53 21 stealing steal VBG www-sonatype-com-3567 53 22 credentials credential NNS www-sonatype-com-3567 53 23 from from IN www-sonatype-com-3567 53 24 a a DT www-sonatype-com-3567 53 25 project project NN www-sonatype-com-3567 53 26 maintainer maintainer NN www-sonatype-com-3567 53 27 ( ( -LRB- www-sonatype-com-3567 53 28 see see VB www-sonatype-com-3567 53 29 rest rest NN www-sonatype-com-3567 53 30 - - HYPH www-sonatype-com-3567 53 31 client client NN www-sonatype-com-3567 53 32 , , , www-sonatype-com-3567 53 33 August August NNP www-sonatype-com-3567 53 34 2019 2019 CD www-sonatype-com-3567 53 35 ) ) -RRB- www-sonatype-com-3567 53 36 , , , www-sonatype-com-3567 53 37 releasing release VBG www-sonatype-com-3567 53 38 new new JJ www-sonatype-com-3567 53 39 versions version NNS www-sonatype-com-3567 53 40 of of IN www-sonatype-com-3567 53 41 a a DT www-sonatype-com-3567 53 42 project project NN www-sonatype-com-3567 53 43 to to IN www-sonatype-com-3567 53 44 a a DT www-sonatype-com-3567 53 45 public public JJ www-sonatype-com-3567 53 46 repository repository NN www-sonatype-com-3567 53 47 ( ( -LRB- 
www-sonatype-com-3567 53 48 see see VB www-sonatype-com-3567 53 49 bootstrap bootstrap NN www-sonatype-com-3567 53 50 - - HYPH www-sonatype-com-3567 53 51 sass sass NN www-sonatype-com-3567 53 52 , , , www-sonatype-com-3567 53 53 April April NNP www-sonatype-com-3567 53 54 2019 2019 CD www-sonatype-com-3567 53 55 ) ) -RRB- www-sonatype-com-3567 53 56 contributing contributing NN www-sonatype-com-3567 53 57 pull pull NN www-sonatype-com-3567 53 58 requests request NNS www-sonatype-com-3567 53 59 to to IN www-sonatype-com-3567 53 60 a a DT www-sonatype-com-3567 53 61 project project NN www-sonatype-com-3567 53 62 that that WDT www-sonatype-com-3567 53 63 include include VBP www-sonatype-com-3567 53 64 malicious malicious JJ www-sonatype-com-3567 53 65 code code NN www-sonatype-com-3567 53 66 ( ( -LRB- www-sonatype-com-3567 53 67 see see VB www-sonatype-com-3567 53 68 event event NN www-sonatype-com-3567 53 69 - - HYPH www-sonatype-com-3567 53 70 stream stream NN www-sonatype-com-3567 53 71 , , , www-sonatype-com-3567 53 72 November November NNP www-sonatype-com-3567 53 73 2018 2018 CD www-sonatype-com-3567 53 74 ) ) -RRB- www-sonatype-com-3567 53 75 , , , www-sonatype-com-3567 53 76 or or CC www-sonatype-com-3567 53 77 tampering tamper VBG www-sonatype-com-3567 53 78 with with IN www-sonatype-com-3567 53 79 open open JJ www-sonatype-com-3567 53 80 source source NN www-sonatype-com-3567 53 81 developer developer NN www-sonatype-com-3567 53 82 tools tool NNS www-sonatype-com-3567 53 83 that that WDT www-sonatype-com-3567 53 84 inject inject VBP www-sonatype-com-3567 53 85 malicious malicious JJ www-sonatype-com-3567 53 86 code code NN www-sonatype-com-3567 53 87 into into IN www-sonatype-com-3567 53 88 downstream downstream JJ www-sonatype-com-3567 53 89 applica- applica- JJ www-sonatype-com-3567 53 90 tions tion NNS www-sonatype-com-3567 53 91 ( ( -LRB- www-sonatype-com-3567 53 92 see see VB www-sonatype-com-3567 53 93 Octopus Octopus NNP www-sonatype-com-3567 53 94 
Scanner Scanner NNP www-sonatype-com-3567 53 95 , , , www-sonatype-com-3567 53 96 May May NNP www-sonatype-com-3567 53 97 2020 2020 CD www-sonatype-com-3567 53 98 ) ) -RRB- www-sonatype-com-3567 53 99 . . . www-sonatype-com-3567 54 1 When when WRB www-sonatype-com-3567 54 2 malicious malicious JJ www-sonatype-com-3567 54 3 code code NN www-sonatype-com-3567 54 4 is be VBZ www-sonatype-com-3567 54 5 deliberately deliberately RB www-sonatype-com-3567 54 6 and and CC www-sonatype-com-3567 54 7 secretly secretly RB www-sonatype-com-3567 54 8 injected inject VBN www-sonatype-com-3567 54 9 upstream upstream NN www-sonatype-com-3567 54 10 into into IN www-sonatype-com-3567 54 11 open open JJ www-sonatype-com-3567 54 12 source source NN www-sonatype-com-3567 54 13 projects project NNS www-sonatype-com-3567 54 14 , , , www-sonatype-com-3567 54 15 it -PRON- PRP www-sonatype-com-3567 54 16 is be VBZ www-sonatype-com-3567 54 17 highly highly RB www-sonatype-com-3567 54 18 likely likely JJ www-sonatype-com-3567 54 19 that that IN www-sonatype-com-3567 54 20 no no DT www-sonatype-com-3567 54 21 one one NN www-sonatype-com-3567 54 22 knows know VBZ www-sonatype-com-3567 54 23 the the DT www-sonatype-com-3567 54 24 malware malware NN www-sonatype-com-3567 54 25 is be VBZ www-sonatype-com-3567 54 26 there there RB www-sonatype-com-3567 54 27 , , , www-sonatype-com-3567 54 28 except except IN www-sonatype-com-3567 54 29 for for IN www-sonatype-com-3567 54 30 the the DT www-sonatype-com-3567 54 31 person person NN www-sonatype-com-3567 54 32 that that WDT www-sonatype-com-3567 54 33 planted plant VBD www-sonatype-com-3567 54 34 it -PRON- PRP www-sonatype-com-3567 54 35 . . . 
www-sonatype-com-3567 55 1 This this DT www-sonatype-com-3567 55 2 approach approach NN www-sonatype-com-3567 55 3 allows allow VBZ www-sonatype-com-3567 55 4 adversaries adversary NNS www-sonatype-com-3567 55 5 to to TO www-sonatype-com-3567 55 6 surreptitiously surreptitiously RB www-sonatype-com-3567 55 7 set set VB www-sonatype-com-3567 55 8 traps trap NNS www-sonatype-com-3567 55 9 upstream upstream RB www-sonatype-com-3567 55 10 , , , www-sonatype-com-3567 55 11 and and CC www-sonatype-com-3567 55 12 then then RB www-sonatype-com-3567 55 13 carry carry VB www-sonatype-com-3567 55 14 out out RP www-sonatype-com-3567 55 15 attacks attack NNS www-sonatype-com-3567 55 16 downstream downstream JJ www-sonatype-com-3567 55 17 once once IN www-sonatype-com-3567 55 18 the the DT www-sonatype-com-3567 55 19 vulnerable vulnerable JJ www-sonatype-com-3567 55 20 code code NN www-sonatype-com-3567 55 21 has have VBZ www-sonatype-com-3567 55 22 moved move VBN www-sonatype-com-3567 55 23 through through IN www-sonatype-com-3567 55 24 the the DT www-sonatype-com-3567 55 25 supply supply NN www-sonatype-com-3567 55 26 chain chain NN www-sonatype-com-3567 55 27 and and CC www-sonatype-com-3567 55 28 into into IN www-sonatype-com-3567 55 29 the the DT www-sonatype-com-3567 55 30 wild wild NN www-sonatype-com-3567 55 31 . . . 
www-sonatype-com-3567 56 120 Next Next NNP www-sonatype-com-3567 56 121 Generation Generation NNP www-sonatype-com-3567 56 122 Software Software NNP www-sonatype-com-3567 56 123 Supply Supply NNP www-sonatype-com-3567 56 124 Chain Chain NNP www-sonatype-com-3567 56 125 Attacks attack NNS www-sonatype-com-3567 56 126 ( ( -LRB- www-sonatype-com-3567 56 127 2015 2015 CD www-sonatype-com-3567 56 128 – – : www-sonatype-com-3567 56 129 2020 2020 CD www-sonatype-com-3567 56 130 ) ) -RRB- www-sonatype-com-3567 56 131 Typosquatting typosquatte VBG www-sonatype-com-3567 56 132 , , , www-sonatype-com-3567 56 133 Malicious Malicious NNP www-sonatype-com-3567 56 134 Code Code NNP www-sonatype-com-3567 56 135 Injection Injection NNP www-sonatype-com-3567 56 136 , , , www-sonatype-com-3567 56 137 and and CC www-sonatype-com-3567 56 138 Tool tool NN www-sonatype-com-3567 56 139 Tampering Tampering NNP www-sonatype-com-3567 56 140 FIGURE figure NN www-sonatype-com-3567 56 141 1C 1c NN www-sonatype-com-3567 56 142 Next next IN www-sonatype-com-3567 56 143 Generation Generation NNP www-sonatype-com-3567 56 144 Software Software NNP www-sonatype-com-3567 56 145 Supply Supply NNP www-sonatype-com-3567 56 146 Chain Chain NNP www-sonatype-com-3567 56 147 Attacks attack NNS www-sonatype-com-3567 56 148 ( ( -LRB- www-sonatype-com-3567 56 149 2015 2015 CD www-sonatype-com-3567 56 150 – – : www-sonatype-com-3567 56 151 2020 2020 CD www-sonatype-com-3567 56 152 ) ) -RRB- www-sonatype-com-3567 56 153 Typosquatting typosquatte VBG 
www-sonatype-com-3567 56 154 , , , www-sonatype-com-3567 56 155 Malicious Malicious NNP www-sonatype-com-3567 56 156 Code Code NNP www-sonatype-com-3567 56 157 Injection Injection NNP www-sonatype-com-3567 56 158 , , , www-sonatype-com-3567 56 159 and and CC www-sonatype-com-3567 56 160 Tool tool NN www-sonatype-com-3567 56 161 Tampering tamper VBG www-sonatype-com-3567 56 201 https://blog.sonatype.com/open-source-software-is-under-attack-new-event-stream-hack-is-latest-proof 
https://blog.sonatype.com/open-source-software-is-under-attack-new-event-stream-hack-is-latest-proof NNP www-sonatype-com-3567 56 202 An an DT www-sonatype-com-3567 56 203 abbreviated abbreviate VBN www-sonatype-com-3567 56 204 list list NN www-sonatype-com-3567 56 205 of of IN www-sonatype-com-3567 56 206 next next JJ www-sonatype-com-3567 56 207 - - HYPH www-sonatype-com-3567 56 208 generation generation NN www-sonatype-com-3567 56 209 software software NN www-sonatype-com-3567 56 210 supply supply NN www-sonatype-com-3567 56 211 chain chain NN www-sonatype-com-3567 56 212 attacks attack NNS www-sonatype-com-3567 56 213 occurring occur VBG www-sonatype-com-3567 56 214 from from IN www-sonatype-com-3567 56 215 January January NNP www-sonatype-com-3567 56 216 2019 2019 CD www-sonatype-com-3567 56 217 – – : www-sonatype-com-3567 56 218 May May NNP www-sonatype-com-3567 56 219 2020 2020 CD www-sonatype-com-3567 56 220 : : : www-sonatype-com-3567 56 221 JANUARY JANUARY NNP www-sonatype-com-3567 56 222 2019 2019 CD www-sonatype-com-3567 56 223 ⊲ ⊲ CD www-sonatype-com-3567 56 224 pytz3-dev pytz3-dev NNP www-sonatype-com-3567 56 225 The the DT www-sonatype-com-3567 56 226 author author NN www-sonatype-com-3567 56 227 of of IN www-sonatype-com-3567 56 228 this this DT www-sonatype-com-3567 56 229 PyPI pypi NN www-sonatype-com-3567 56 230 package package NN www-sonatype-com-3567 56 231 seems seem VBZ www-sonatype-com-3567 56 232 to to TO www-sonatype-com-3567 56 233 have have VB www-sonatype-com-3567 56 234 copied copy VBN www-sonatype-com-3567 56 235 the the DT www-sonatype-com-3567 56 236 ‘ ' `` www-sonatype-com-3567 56 237 pytz pytz NN www-sonatype-com-3567 56 238 ’ ' '' www-sonatype-com-3567 56 239 package package NN www-sonatype-com-3567 56 240 code code NN www-sonatype-com-3567 56 241 and and CC www-sonatype-com-3567 56 242 then then RB www-sonatype-com-3567 56 243 added add VBN www-sonatype-com-3567 56 244 malicious malicious JJ www-sonatype-com-3567 56 245 code 
code NN www-sonatype-com-3567 56 246 that that WDT www-sonatype-com-3567 56 247 finds find VBZ www-sonatype-com-3567 56 248 the the DT www-sonatype-com-3567 56 249 Discord Discord NNP www-sonatype-com-3567 56 250 application application NN www-sonatype-com-3567 56 251 ’s ’s POS www-sonatype-com-3567 56 252 data datum NNS www-sonatype-com-3567 56 253 folder folder NN www-sonatype-com-3567 56 254 on on IN www-sonatype-com-3567 56 255 Windows Windows NNP www-sonatype-com-3567 56 256 machines machine NNS www-sonatype-com-3567 56 257 and and CC www-sonatype-com-3567 56 258 attempts attempt NNS www-sonatype-com-3567 56 259 to to TO www-sonatype-com-3567 56 260 extract extract VB www-sonatype-com-3567 56 261 the the DT www-sonatype-com-3567 56 262 Discord Discord NNP www-sonatype-com-3567 56 263 token token VBN www-sonatype-com-3567 56 264 from from IN www-sonatype-com-3567 56 265 a a DT www-sonatype-com-3567 56 266 SQLite SQLite NNP www-sonatype-com-3567 56 267 database database NN www-sonatype-com-3567 56 268 file file NN www-sonatype-com-3567 56 269 . . . 
www-sonatype-com-3567 57 1 The the DT www-sonatype-com-3567 57 2 package package NN www-sonatype-com-3567 57 3 has have VBZ www-sonatype-com-3567 57 4 been be VBN www-sonatype-com-3567 57 5 downloaded download VBN www-sonatype-com-3567 57 6 about about IN www-sonatype-com-3567 57 7 47 47 CD www-sonatype-com-3567 57 8 times time NNS www-sonatype-com-3567 57 9 per per IN www-sonatype-com-3567 57 10 month.7 month.7 CD www-sonatype-com-3567 57 11 ⊲ ⊲ CD www-sonatype-com-3567 57 12 smartsearchwp smartsearchwp NNS www-sonatype-com-3567 57 13 Published publish VBN www-sonatype-com-3567 57 14 in in IN www-sonatype-com-3567 57 15 January January NNP www-sonatype-com-3567 57 16 2019 2019 CD www-sonatype-com-3567 57 17 and and CC www-sonatype-com-3567 57 18 then then RB www-sonatype-com-3567 57 19 yanked yank VBD www-sonatype-com-3567 57 20 from from IN www-sonatype-com-3567 57 21 the the DT www-sonatype-com-3567 57 22 npm npm NNP www-sonatype-com-3567 57 23 repository repository NN www-sonatype-com-3567 57 24 in in IN www-sonatype-com-3567 57 25 June June NNP www-sonatype-com-3567 57 26 2020 2020 CD www-sonatype-com-3567 57 27 , , , www-sonatype-com-3567 57 28 included include VBD www-sonatype-com-3567 57 29 malicious malicious JJ www-sonatype-com-3567 57 30 code code NN www-sonatype-com-3567 57 31 that that WDT www-sonatype-com-3567 57 32 provided provide VBD www-sonatype-com-3567 57 33 a a DT www-sonatype-com-3567 57 34 backdoor backdoor NN www-sonatype-com-3567 57 35 to to TO www-sonatype-com-3567 57 36 support support VB www-sonatype-com-3567 57 37 data datum NNS www-sonatype-com-3567 57 38 exfiltration.8 exfiltration.8 NNP www-sonatype-com-3567 57 39 MARCH MARCH NNP www-sonatype-com-3567 57 40 2019 2019 CD www-sonatype-com-3567 57 41 ⊲ ⊲ CD www-sonatype-com-3567 57 42 simple simple JJ www-sonatype-com-3567 57 43 - - HYPH www-sonatype-com-3567 57 44 captcha2 captcha2 NN www-sonatype-com-3567 57 45 0.2.3 0.2.3 NNP www-sonatype-com-3567 57 46 and and CC 
www-sonatype-com-3567 57 47 datgrid datgrid NNP www-sonatype-com-3567 57 48 1.0.6 1.0.6 NNS www-sonatype-com-3567 57 49 As as IN www-sonatype-com-3567 57 50 distributed distribute VBN www-sonatype-com-3567 57 51 on on IN www-sonatype-com-3567 57 52 RubyGems.org RubyGems.org NNP www-sonatype-com-3567 57 53 , , , www-sonatype-com-3567 57 54 included include VBD www-sonatype-com-3567 57 55 a a DT www-sonatype-com-3567 57 56 code code NN www-sonatype-com-3567 57 57 - - HYPH www-sonatype-com-3567 57 58 execution execution NN www-sonatype-com-3567 57 59 backdoor backdoor NN www-sonatype-com-3567 57 60 inserted insert VBN www-sonatype-com-3567 57 61 by by IN www-sonatype-com-3567 57 62 a a DT www-sonatype-com-3567 57 63 third third JJ www-sonatype-com-3567 57 64 party.9 party.9 NN www-sonatype-com-3567 57 65 APRIL APRIL NNP www-sonatype-com-3567 57 66 2019 2019 CD www-sonatype-com-3567 57 67 ⊲ ⊲ CD www-sonatype-com-3567 57 68 bootstrap bootstrap NN www-sonatype-com-3567 57 69 - - HYPH www-sonatype-com-3567 57 70 sass sass NN www-sonatype-com-3567 57 71 Someone someone NN www-sonatype-com-3567 57 72 removed remove VBD www-sonatype-com-3567 57 73 a a DT www-sonatype-com-3567 57 74 version version NN www-sonatype-com-3567 57 75 of of IN www-sonatype-com-3567 57 76 the the DT www-sonatype-com-3567 57 77 library library NN www-sonatype-com-3567 57 78 , , , www-sonatype-com-3567 57 79 boot- boot- NNP www-sonatype-com-3567 57 80 strap strap NNP www-sonatype-com-3567 57 81 - - HYPH www-sonatype-com-3567 57 82 sass sass FW www-sonatype-com-3567 57 83 v3.2.0.2 v3.2.0.2 NNP www-sonatype-com-3567 57 84 and and CC www-sonatype-com-3567 57 85 immediately immediately RB www-sonatype-com-3567 57 86 released release VBD www-sonatype-com-3567 57 87 a a DT www-sonatype-com-3567 57 88 new new JJ www-sonatype-com-3567 57 89 version version NN www-sonatype-com-3567 57 90 , , , www-sonatype-com-3567 57 91 moments moment NNS www-sonatype-com-3567 57 92 later later RB www-sonatype-com-3567 57 93 
( ( -LRB- www-sonatype-com-3567 57 94 v3.2.0.3 v3.2.0.3 NNP www-sonatype-com-3567 57 95 ) ) -RRB- www-sonatype-com-3567 57 96 with with IN www-sonatype-com-3567 57 97 malicious malicious JJ www-sonatype-com-3567 57 98 code code NN www-sonatype-com-3567 57 99 injected inject VBN www-sonatype-com-3567 57 100 into into IN www-sonatype-com-3567 57 101 it.10 it.10 NNP www-sonatype-com-3567 57 102 JUNE JUNE NNP www-sonatype-com-3567 57 103 2019 2019 CD www-sonatype-com-3567 57 104 ⊲ ⊲ CD www-sonatype-com-3567 57 105 23 23 CD www-sonatype-com-3567 57 106 RubyGems RubyGems NNP www-sonatype-com-3567 57 107 packages package NNS www-sonatype-com-3567 57 108 Including include VBG www-sonatype-com-3567 57 109 chrome_taker chrome_taker NNP www-sonatype-com-3567 57 110 , , , www-sonatype-com-3567 57 111 color_hacker color_hacker NNP www-sonatype-com-3567 57 112 , , , www-sonatype-com-3567 57 113 aloha_anal- aloha_anal- NNP www-sonatype-com-3567 57 114 yser yser NN www-sonatype-com-3567 57 115 , , , www-sonatype-com-3567 57 116 get get NN www-sonatype-com-3567 57 117 - - HYPH www-sonatype-com-3567 57 118 text text NN www-sonatype-com-3567 57 119 , , , www-sonatype-com-3567 57 120 ruby_nmap ruby_nmap NNP www-sonatype-com-3567 57 121 , , , www-sonatype-com-3567 57 122 get get VB www-sonatype-com-3567 57 123 - - HYPH www-sonatype-com-3567 57 124 texts text NNS www-sonatype-com-3567 57 125 , , , www-sonatype-com-3567 57 126 colourize colourize NNP www-sonatype-com-3567 57 127 , , , www-sonatype-com-3567 57 128 and and CC www-sonatype-com-3567 57 129 btc btc NNP www-sonatype-com-3567 57 130 - - HYPH www-sonatype-com-3567 57 131 ruby ruby NNP www-sonatype-com-3567 57 132 were be VBD www-sonatype-com-3567 57 133 pulled pull VBN www-sonatype-com-3567 57 134 from from IN www-sonatype-com-3567 57 135 the the DT www-sonatype-com-3567 57 136 public public JJ www-sonatype-com-3567 57 137 repository repository NN www-sonatype-com-3567 57 138 because because IN www-sonatype-com-3567 57 139 they 
-PRON- PRP www-sonatype-com-3567 57 140 contained contain VBD www-sonatype-com-3567 57 141 code code NN www-sonatype-com-3567 57 142 for for IN www-sonatype-com-3567 57 143 crypto crypto NNP www-sonatype-com-3567 57 144 mining mining NN www-sonatype-com-3567 57 145 or or CC www-sonatype-com-3567 57 146 cookie cookie NN www-sonatype-com-3567 57 147 / / SYM www-sonatype-com-3567 57 148 password password NN www-sonatype-com-3567 57 149 stealing.11 stealing.11 NNP www-sonatype-com-3567 57 150 ⊲ ⊲ HYPH www-sonatype-com-3567 57 151 electron electron NN www-sonatype-com-3567 57 152 - - HYPH www-sonatype-com-3567 57 153 native native JJ www-sonatype-com-3567 57 154 - - HYPH www-sonatype-com-3567 57 155 notify notify NNP www-sonatype-com-3567 57 156 ( ( -LRB- www-sonatype-com-3567 57 157 version version NN www-sonatype-com-3567 57 158 1.1.6 1.1.6 CD www-sonatype-com-3567 57 159 ) ) -RRB- www-sonatype-com-3567 57 160 An an DT www-sonatype-com-3567 57 161 npm npm NN www-sonatype-com-3567 57 162 package package NN www-sonatype-com-3567 57 163 contained contain VBD www-sonatype-com-3567 57 164 code code NN www-sonatype-com-3567 57 165 designed design VBN www-sonatype-com-3567 57 166 to to TO www-sonatype-com-3567 57 167 steal steal VB www-sonatype-com-3567 57 168 cryptocurrency cryptocurrency NN www-sonatype-com-3567 57 169 wallet wallet NN www-sonatype-com-3567 57 170 seeds seed NNS www-sonatype-com-3567 57 171 and and CC www-sonatype-com-3567 57 172 other other JJ www-sonatype-com-3567 57 173 login login NN www-sonatype-com-3567 57 174 instruction instruction NN www-sonatype-com-3567 57 175 details detail NNS www-sonatype-com-3567 57 176 specific specific JJ www-sonatype-com-3567 57 177 to to IN www-sonatype-com-3567 57 178 cryptocurrency cryptocurrency NN www-sonatype-com-3567 57 179 apps app NNS www-sonatype-com-3567 57 180 . . . 
www-sonatype-com-3567 58 1 Tipped tip VBN www-sonatype-com-3567 58 2 off off RP www-sonatype-com-3567 58 3 by by IN www-sonatype-com-3567 58 4 npm npm NN www-sonatype-com-3567 58 5 researchers researcher NNS www-sonatype-com-3567 58 6 , , , www-sonatype-com-3567 58 7 makers maker NNS www-sonatype-com-3567 58 8 of of IN www-sonatype-com-3567 58 9 the the DT www-sonatype-com-3567 58 10 Agama Agama NNP www-sonatype-com-3567 58 11 cryptocurrency cryptocurrency NN www-sonatype-com-3567 58 12 wallets wallet NNS www-sonatype-com-3567 58 13 shifted shift VBD www-sonatype-com-3567 58 14 $ $ $ www-sonatype-com-3567 58 15 13 13 CD www-sonatype-com-3567 58 16 million million CD www-sonatype-com-3567 58 17 worth worth NN www-sonatype-com-3567 58 18 of of IN www-sonatype-com-3567 58 19 currency currency NN www-sonatype-com-3567 58 20 before before IN www-sonatype-com-3567 58 21 adversaries adversary NNS www-sonatype-com-3567 58 22 could could MD www-sonatype-com-3567 58 23 steal steal VB www-sonatype-com-3567 58 24 it -PRON- PRP www-sonatype-com-3567 58 25 . . . www-sonatype-com-3567 59 1 JULY JULY NNP www-sonatype-com-3567 59 2 2019 2019 CD www-sonatype-com-3567 59 3 ⊲ ⊲ CD www-sonatype-com-3567 59 4 libpeshnx libpeshnx NN www-sonatype-com-3567 59 5 A a DT www-sonatype-com-3567 59 6 PyPI pypi NN www-sonatype-com-3567 59 7 package package NN www-sonatype-com-3567 59 8 discovered discover VBN www-sonatype-com-3567 59 9 to to TO www-sonatype-com-3567 59 10 include include VB www-sonatype-com-3567 59 11 a a DT www-sonatype-com-3567 59 12 backdoor backdoor JJ www-sonatype-com-3567 59 13 vulnerability vulnerability NN www-sonatype-com-3567 59 14 . . . 
www-sonatype-com-3567 60 1 While while IN www-sonatype-com-3567 60 2 the the DT www-sonatype-com-3567 60 3 package package NN www-sonatype-com-3567 60 4 had have VBD www-sonatype-com-3567 60 5 been be VBN www-sonatype-com-3567 60 6 reported report VBN www-sonatype-com-3567 60 7 as as IN www-sonatype-com-3567 60 8 containing contain VBG www-sonatype-com-3567 60 9 a a DT www-sonatype-com-3567 60 10 known know VBN www-sonatype-com-3567 60 11 vulnerability vulnerability NN www-sonatype-com-3567 60 12 , , , www-sonatype-com-3567 60 13 it -PRON- PRP www-sonatype-com-3567 60 14 had have VBD www-sonatype-com-3567 60 15 not not RB www-sonatype-com-3567 60 16 been be VBN www-sonatype-com-3567 60 17 removed remove VBN www-sonatype-com-3567 60 18 from from IN www-sonatype-com-3567 60 19 the the DT www-sonatype-com-3567 60 20 Python Python NNP www-sonatype-com-3567 60 21 package package NN www-sonatype-com-3567 60 22 repository repository NN www-sonatype-com-3567 60 23 . . . www-sonatype-com-3567 61 1 ⊲ ⊲ CD www-sonatype-com-3567 61 2 230 230 CD www-sonatype-com-3567 61 3 RubyGems RubyGems NNP www-sonatype-com-3567 61 4 Pulled pull VBN www-sonatype-com-3567 61 5 for for IN www-sonatype-com-3567 61 6 typosquatting typosquatting NN www-sonatype-com-3567 61 7 or or CC www-sonatype-com-3567 61 8 impersonating impersonate VBG www-sonatype-com-3567 61 9 popular popular JJ www-sonatype-com-3567 61 10 open open JJ www-sonatype-com-3567 61 11 source source NN www-sonatype-com-3567 61 12 packages package NNS www-sonatype-com-3567 61 13 . . . 
www-sonatype-com-3567 62 1 AUGUST AUGUST NNP www-sonatype-com-3567 62 2 2019 2019 CD www-sonatype-com-3567 62 3 ⊲ ⊲ CD www-sonatype-com-3567 62 4 109 109 CD www-sonatype-com-3567 62 5 RubyGems RubyGems NNP www-sonatype-com-3567 62 6 Yanked yank VBN www-sonatype-com-3567 62 7 from from IN www-sonatype-com-3567 62 8 the the DT www-sonatype-com-3567 62 9 repository repository NN www-sonatype-com-3567 62 10 for for IN www-sonatype-com-3567 62 11 typosquatting.12 typosquatting.12 NNP www-sonatype-com-3567 62 12 ⊲ ⊲ CD www-sonatype-com-3567 62 13 rest rest NN www-sonatype-com-3567 62 14 - - HYPH www-sonatype-com-3567 62 15 client client NN www-sonatype-com-3567 62 16 , , , www-sonatype-com-3567 62 17 coming come VBG www-sonatype-com-3567 62 18 - - : www-sonatype-com-3567 62 19 soon soon RB www-sonatype-com-3567 62 20 , , , www-sonatype-com-3567 62 21 and and CC www-sonatype-com-3567 62 22 cron_parser cron_parser NNP www-sonatype-com-3567 62 23 Adversaries Adversaries NNPS www-sonatype-com-3567 62 24 compromised compromise VBD www-sonatype-com-3567 62 25 the the DT www-sonatype-com-3567 62 26 account account NN www-sonatype-com-3567 62 27 of of IN www-sonatype-com-3567 62 28 a a DT www-sonatype-com-3567 62 29 rest rest NN www-sonatype-com-3567 62 30 - - HYPH www-sonatype-com-3567 62 31 cli- cli- NN www-sonatype-com-3567 62 32 ent ent NN www-sonatype-com-3567 62 33 maintainer maintainer NN www-sonatype-com-3567 62 34 to to TO www-sonatype-com-3567 62 35 install install VB www-sonatype-com-3567 62 36 crypto crypto NN www-sonatype-com-3567 62 37 miners miner NNS www-sonatype-com-3567 62 38 in in IN www-sonatype-com-3567 62 39 versions version NNS www-sonatype-com-3567 62 40 1.6.10 1.6.10 CD www-sonatype-com-3567 62 41 to to IN www-sonatype-com-3567 62 42 1.6.13 1.6.13 CD www-sonatype-com-3567 62 43 . . . 
www-sonatype-com-3567 63 1 Affected affect VBN www-sonatype-com-3567 63 2 versions version NNS www-sonatype-com-3567 63 3 were be VBD www-sonatype-com-3567 63 4 downloaded download VBN www-sonatype-com-3567 63 5 about about IN www-sonatype-com-3567 63 6 1000 1000 CD www-sonatype-com-3567 63 7 times time NNS www-sonatype-com-3567 63 8 . . . www-sonatype-com-3567 64 1 Similar similar JJ www-sonatype-com-3567 64 2 vulnerabilities vulnerability NNS www-sonatype-com-3567 64 3 were be VBD www-sonatype-com-3567 64 4 found find VBN www-sonatype-com-3567 64 5 in in IN www-sonatype-com-3567 64 6 Gem Gem NNP www-sonatype-com-3567 64 7 packages package NNS www-sonatype-com-3567 64 8 : : : www-sonatype-com-3567 64 9 coming come VBG www-sonatype-com-3567 64 10 - - : www-sonatype-com-3567 64 11 soon soon RB www-sonatype-com-3567 64 12 and and CC www-sonatype-com-3567 64 13 cron_parser.13 cron_parser.13 NNP www-sonatype-com-3567 64 14 ⊲ ⊲ HYPH www-sonatype-com-3567 64 15 bb bb NN www-sonatype-com-3567 64 16 - - HYPH www-sonatype-com-3567 64 17 builder builder NN www-sonatype-com-3567 64 18 Removed remove VBN www-sonatype-com-3567 64 19 from from IN www-sonatype-com-3567 64 20 the the DT www-sonatype-com-3567 64 21 npm npm NN www-sonatype-com-3567 64 22 repository repository NN www-sonatype-com-3567 64 23 after after IN www-sonatype-com-3567 64 24 it -PRON- PRP www-sonatype-com-3567 64 25 was be VBD www-sonatype-com-3567 64 26 discovered discover VBN www-sonatype-com-3567 64 27 that that IN www-sonatype-com-3567 64 28 it -PRON- PRP www-sonatype-com-3567 64 29 stole steal VBD www-sonatype-com-3567 64 30 login login NNP www-sonatype-com-3567 64 31 information information NN www-sonatype-com-3567 64 32 from from IN www-sonatype-com-3567 64 33 the the DT www-sonatype-com-3567 64 34 computers computer NNS www-sonatype-com-3567 64 35 it -PRON- PRP www-sonatype-com-3567 64 36 was be VBD www-sonatype-com-3567 64 37 installed instal VBN www-sonatype-com-3567 64 38 on on IN 
www-sonatype-com-3567 64 39 and and CC www-sonatype-com-3567 64 40 sent send VBD www-sonatype-com-3567 64 41 sensitive sensitive JJ www-sonatype-com-3567 64 42 information information NN www-sonatype-com-3567 64 43 to to IN www-sonatype-com-3567 64 44 a a DT www-sonatype-com-3567 64 45 remote remote JJ www-sonatype-com-3567 64 46 server.14 server.14 NNP www-sonatype-com-3567 64 47 OCTOBER OCTOBER NNP www-sonatype-com-3567 64 48 2019 2019 CD www-sonatype-com-3567 64 49 ⊲ ⊲ CD www-sonatype-com-3567 64 50 basic_authable basic_authable NNP www-sonatype-com-3567 64 51 Three three CD www-sonatype-com-3567 64 52 versions version NNS www-sonatype-com-3567 64 53 of of IN www-sonatype-com-3567 64 54 this this DT www-sonatype-com-3567 64 55 Gems Gems NNP www-sonatype-com-3567 64 56 package package NN www-sonatype-com-3567 64 57 released release VBN www-sonatype-com-3567 64 58 in in IN www-sonatype-com-3567 64 59 2017 2017 CD www-sonatype-com-3567 64 60 were be VBD www-sonatype-com-3567 64 61 yanked yank VBN www-sonatype-com-3567 64 62 from from IN www-sonatype-com-3567 64 63 the the DT www-sonatype-com-3567 64 64 Gems Gems NNP www-sonatype-com-3567 64 65 repository repository NN www-sonatype-com-3567 64 66 due due IN www-sonatype-com-3567 64 67 to to IN www-sonatype-com-3567 64 68 their -PRON- PRP$ www-sonatype-com-3567 64 69 malicious malicious JJ www-sonatype-com-3567 64 70 nature nature NN www-sonatype-com-3567 64 71 . . . 
www-sonatype-com-3567 65 1 NOVEMBER NOVEMBER NNP www-sonatype-com-3567 65 2 2019 2019 CD www-sonatype-com-3567 65 3 ⊲ ⊲ CD www-sonatype-com-3567 65 4 sj sj NNP www-sonatype-com-3567 65 5 - - HYPH www-sonatype-com-3567 65 6 tw tw JJ www-sonatype-com-3567 65 7 - - HYPH www-sonatype-com-3567 65 8 test test NN www-sonatype-com-3567 65 9 - - HYPH www-sonatype-com-3567 65 10 security security NN www-sonatype-com-3567 65 11 All all DT www-sonatype-com-3567 65 12 versions version NNS www-sonatype-com-3567 65 13 of of IN www-sonatype-com-3567 65 14 the the DT www-sonatype-com-3567 65 15 component component NN www-sonatype-com-3567 65 16 contain contain NN www-sonatype-com-3567 65 17 malicious malicious JJ www-sonatype-com-3567 65 18 backdoor backdoor NNP www-sonatype-com-3567 65 19 code code NNP www-sonatype-com-3567 65 20 that that IN www-sonatype-com-3567 65 21 downloads download VBZ www-sonatype-com-3567 65 22 and and CC www-sonatype-com-3567 65 23 runs run VBZ www-sonatype-com-3567 65 24 a a DT www-sonatype-com-3567 65 25 script script NN www-sonatype-com-3567 65 26 that that WDT www-sonatype-com-3567 65 27 opens open VBZ www-sonatype-com-3567 65 28 a a DT www-sonatype-com-3567 65 29 reverse reverse JJ www-sonatype-com-3567 65 30 shell shell NN www-sonatype-com-3567 65 31 in in IN www-sonatype-com-3567 65 32 the the DT www-sonatype-com-3567 65 33 system system NN www-sonatype-com-3567 65 34 , , , www-sonatype-com-3567 65 35 allowing allow VBG www-sonatype-com-3567 65 36 a a DT www-sonatype-com-3567 65 37 remote remote JJ www-sonatype-com-3567 65 38 attacker attacker NN www-sonatype-com-3567 65 39 to to TO www-sonatype-com-3567 65 40 compromise compromise VB www-sonatype-com-3567 65 41 the the DT www-sonatype-com-3567 65 42 affected affected JJ www-sonatype-com-3567 65 43 system.15 system.15 NNP www-sonatype-com-3567 65 44 ⊲ ⊲ HYPH www-sonatype-com-3567 65 45 lodahs lodah NNS www-sonatype-com-3567 65 46 , , , www-sonatype-com-3567 65 47 web3b web3b NN 
www-sonatype-com-3567 65 48 , , , www-sonatype-com-3567 65 49 and and CC www-sonatype-com-3567 65 50 web3-eht web3-eht LS www-sonatype-com-3567 65 51 Taking take VBG www-sonatype-com-3567 65 52 advantage advantage NN www-sonatype-com-3567 65 53 of of IN www-sonatype-com-3567 65 54 a a DT www-sonatype-com-3567 65 55 typosquatting typosquatting NN www-sonatype-com-3567 65 56 exploit exploit NN www-sonatype-com-3567 65 57 for for IN www-sonatype-com-3567 65 58 lodash lodash NNP www-sonatype-com-3567 65 59 npm npm NNP www-sonatype-com-3567 65 60 packages package NNS www-sonatype-com-3567 65 61 , , , www-sonatype-com-3567 65 62 all all DT www-sonatype-com-3567 65 63 versions version NNS www-sonatype-com-3567 65 64 of of IN www-sonatype-com-3567 65 65 the the DT www-sonatype-com-3567 65 66 “ " `` www-sonatype-com-3567 65 67 lodahs lodah NNS www-sonatype-com-3567 65 68 ” " '' www-sonatype-com-3567 65 69 package package NN www-sonatype-com-3567 65 70 contained contain VBD www-sonatype-com-3567 65 71 malware malware NNP www-sonatype-com-3567 65 72 designed design VBN www-sonatype-com-3567 65 73 to to TO www-sonatype-com-3567 65 74 find find VB www-sonatype-com-3567 65 75 and and CC www-sonatype-com-3567 65 76 exfiltrate exfiltrate VB www-sonatype-com-3567 65 77 cryptocurrency cryptocurrency NN www-sonatype-com-3567 65 78 wallets wallet NNS www-sonatype-com-3567 65 79 . . . www-sonatype-com-3567 66 1 web3b web3b NNP www-sonatype-com-3567 66 2 and and CC www-sonatype-com-3567 66 3 web3- web3- CD www-sonatype-com-3567 66 4 eht eht NNP www-sonatype-com-3567 66 5 were be VBD www-sonatype-com-3567 66 6 removed remove VBN www-sonatype-com-3567 66 7 for for IN www-sonatype-com-3567 66 8 the the DT www-sonatype-com-3567 66 9 same same JJ www-sonatype-com-3567 66 10 exploit exploit NN www-sonatype-com-3567 66 11 pattern pattern NN www-sonatype-com-3567 66 12 . . . 
www-sonatype-com-3567 67 1 DECEMBER DECEMBER NNP www-sonatype-com-3567 67 2 2019 2019 CD www-sonatype-com-3567 67 3 ⊲ ⊲ CD www-sonatype-com-3567 67 4 python3-dateutil python3-dateutil NNP www-sonatype-com-3567 67 5 and and CC www-sonatype-com-3567 67 6 jeIlyfish jeIlyfish NNP www-sonatype-com-3567 67 7 Two two CD www-sonatype-com-3567 67 8 trojanized trojanize VBN www-sonatype-com-3567 67 9 PyPI pypi NN www-sonatype-com-3567 67 10 packages package NNS www-sonatype-com-3567 67 11 were be VBD www-sonatype-com-3567 67 12 caught catch VBN www-sonatype-com-3567 67 13 stealing steal VBG www-sonatype-com-3567 67 14 SSH SSH NNP www-sonatype-com-3567 67 15 and and CC www-sonatype-com-3567 67 16 GPG GPG NNP www-sonatype-com-3567 67 17 keys key NNS www-sonatype-com-3567 67 18 from from IN www-sonatype-com-3567 67 19 the the DT www-sonatype-com-3567 67 20 projects project NNS www-sonatype-com-3567 67 21 of of IN www-sonatype-com-3567 67 22 infected infected JJ www-sonatype-com-3567 67 23 developers developer NNS www-sonatype-com-3567 67 24 . . . 
www-sonatype-com-3567 68 1 The the DT www-sonatype-com-3567 68 2 two two CD www-sonatype-com-3567 68 3 libraries library NNS www-sonatype-com-3567 68 4 imitated imitate VBD www-sonatype-com-3567 68 5 the the DT www-sonatype-com-3567 68 6 popular popular JJ www-sonatype-com-3567 68 7 “ " `` www-sonatype-com-3567 68 8 dateutil dateutil NNP www-sonatype-com-3567 68 9 ” " '' www-sonatype-com-3567 68 10 and and CC www-sonatype-com-3567 68 11 “ " `` www-sonatype-com-3567 68 12 jeIlyfish jeIlyfish NNP www-sonatype-com-3567 68 13 ” " '' www-sonatype-com-3567 68 14 ( ( -LRB- www-sonatype-com-3567 68 15 the the DT www-sonatype-com-3567 68 16 first first JJ www-sonatype-com-3567 68 17 L L NNP www-sonatype-com-3567 68 18 is be VBZ www-sonatype-com-3567 68 19 an an DT www-sonatype-com-3567 68 20 I).16 I).16 NNP www-sonatype-com-3567 68 21 JANUARY JANUARY NNP www-sonatype-com-3567 68 22 2020 2020 CD www-sonatype-com-3567 68 23 ⊲ ⊲ CD www-sonatype-com-3567 68 24 1337qq 1337qq NNP www-sonatype-com-3567 68 25 - - : www-sonatype-com-3567 68 26 js js NN www-sonatype-com-3567 68 27 The the DT www-sonatype-com-3567 68 28 malicious malicious JJ www-sonatype-com-3567 68 29 npm npm NN www-sonatype-com-3567 68 30 package package NN www-sonatype-com-3567 68 31 exfiltrates exfiltrate VBZ www-sonatype-com-3567 68 32 sensitive sensitive JJ www-sonatype-com-3567 68 33 information information NN www-sonatype-com-3567 68 34 such such JJ www-sonatype-com-3567 68 35 as as IN www-sonatype-com-3567 68 36 hard hard RB www-sonatype-com-3567 68 37 - - HYPH www-sonatype-com-3567 68 38 coded code VBN www-sonatype-com-3567 68 39 passwords password NNS www-sonatype-com-3567 68 40 or or CC www-sonatype-com-3567 68 41 API api NN www-sonatype-com-3567 68 42 access access NN www-sonatype-com-3567 68 43 tokens token NNS www-sonatype-com-3567 68 44 through through IN www-sonatype-com-3567 68 45 install install NN www-sonatype-com-3567 68 46 scripts script NNS www-sonatype-com-3567 68 47 and and CC 
www-sonatype-com-3567 68 48 targeting target VBG www-sonatype-com-3567 68 49 UNIX UNIX NNP www-sonatype-com-3567 68 50 systems system NNS www-sonatype-com-3567 68 51 only only RB www-sonatype-com-3567 68 52 . . . www-sonatype-com-3567 69 1 FEBRUARY FEBRUARY NNP www-sonatype-com-3567 69 2 2020 2020 CD www-sonatype-com-3567 69 3 ⊲ ⊲ CD www-sonatype-com-3567 69 4 381 381 CD www-sonatype-com-3567 69 5 RubyGems RubyGems NNP www-sonatype-com-3567 69 6 Packages package NNS www-sonatype-com-3567 69 7 were be VBD www-sonatype-com-3567 69 8 yanked yank VBN www-sonatype-com-3567 69 9 from from IN www-sonatype-com-3567 69 10 the the DT www-sonatype-com-3567 69 11 public public JJ www-sonatype-com-3567 69 12 repository repository NN www-sonatype-com-3567 69 13 as as IN www-sonatype-com-3567 69 14 a a DT www-sonatype-com-3567 69 15 result result NN www-sonatype-com-3567 69 16 of of IN www-sonatype-com-3567 69 17 typosquatting typosquatte VBG www-sonatype-com-3567 69 18 concerns.17 concerns.17 NNP www-sonatype-com-3567 69 19 APRIL APRIL NNP www-sonatype-com-3567 69 20 2020 2020 CD www-sonatype-com-3567 69 21 ⊲ ⊲ CD www-sonatype-com-3567 69 22 362 362 CD www-sonatype-com-3567 69 23 RubyGems RubyGems NNP www-sonatype-com-3567 69 24 Were be VBD www-sonatype-com-3567 69 25 removed remove VBN www-sonatype-com-3567 69 26 from from IN www-sonatype-com-3567 69 27 the the DT www-sonatype-com-3567 69 28 public public JJ www-sonatype-com-3567 69 29 repository repository NN www-sonatype-com-3567 69 30 for for IN www-sonatype-com-3567 69 31 typosquatting typosquatting NN www-sonatype-com-3567 69 32 and and CC www-sonatype-com-3567 69 33 crypto crypto NN www-sonatype-com-3567 69 34 mining mining NN www-sonatype-com-3567 69 35 malware malware NNP www-sonatype-com-3567 69 36 . . . 
www-sonatype-com-3567 70 1 They -PRON- PRP www-sonatype-com-3567 70 2 include include VBP www-sonatype-com-3567 70 3 “ " `` www-sonatype-com-3567 70 4 atlas atlas NNP www-sonatype-com-3567 70 5 - - HYPH www-sonatype-com-3567 70 6 client client NN www-sonatype-com-3567 70 7 ” " '' www-sonatype-com-3567 70 8 ( ( -LRB- www-sonatype-com-3567 70 9 downloaded download VBN www-sonatype-com-3567 70 10 2,100 2,100 CD www-sonatype-com-3567 70 11 times time NNS www-sonatype-com-3567 70 12 by by IN www-sonatype-com-3567 70 13 developers).18 developers).18 NN www-sonatype-com-3567 70 14 MAY MAY NNP www-sonatype-com-3567 70 15 2020 2020 CD www-sonatype-com-3567 70 16 ⊲ ⊲ CD www-sonatype-com-3567 70 17 Octopus Octopus NNP www-sonatype-com-3567 70 18 Scanner Scanner NNP www-sonatype-com-3567 70 19 26 26 CD www-sonatype-com-3567 70 20 open open JJ www-sonatype-com-3567 70 21 source source NN www-sonatype-com-3567 70 22 packages package NNS www-sonatype-com-3567 70 23 were be VBD www-sonatype-com-3567 70 24 found find VBN www-sonatype-com-3567 70 25 to to TO www-sonatype-com-3567 70 26 be be VB www-sonatype-com-3567 70 27 compromised compromise VBN www-sonatype-com-3567 70 28 through through IN www-sonatype-com-3567 70 29 malicious malicious JJ www-sonatype-com-3567 70 30 code code NN www-sonatype-com-3567 70 31 injection injection NN www-sonatype-com-3567 70 32 . . . www-sonatype-com-3567 71 1 The the DT www-sonatype-com-3567 71 2 malware malware NN www-sonatype-com-3567 71 3 was be VBD www-sonatype-com-3567 71 4 designed design VBN www-sonatype-com-3567 71 5 to to TO www-sonatype-com-3567 71 6 enumerate enumerate VB www-sonatype-com-3567 71 7 and and CC www-sonatype-com-3567 71 8 backdoor backdoor JJ www-sonatype-com-3567 71 9 projects project NNS www-sonatype-com-3567 71 10 through through IN www-sonatype-com-3567 71 11 the the DT www-sonatype-com-3567 71 12 NetBeans NetBeans NNP www-sonatype-com-3567 71 13 IDE IDE NNP www-sonatype-com-3567 71 14 . . . 
www-sonatype-com-3567 72 1 82020 82020 CD www-sonatype-com-3567 72 2 STATE STATE NNP www-sonatype-com-3567 72 3 OF of IN www-sonatype-com-3567 72 4 THE the DT www-sonatype-com-3567 72 5 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 72 6 SUPPLY supply NN www-sonatype-com-3567 72 7 CHAIN chain NN www-sonatype-com-3567 72 8 REPORT report NN www-sonatype-com-3567 72 9 C c NN www-sonatype-com-3567 72 10 H h NN www-sonatype-com-3567 72 11 A a NN www-sonatype-com-3567 72 12 P p NN www-sonatype-com-3567 72 13 T t NN www-sonatype-com-3567 72 14 E e NN www-sonatype-com-3567 72 15 R r NN www-sonatype-com-3567 72 16 1 1 CD www-sonatype-com-3567 72 17 : : : www-sonatype-com-3567 72 18 O o NN www-sonatype-com-3567 72 19 P p NN www-sonatype-com-3567 72 20 E e NN www-sonatype-com-3567 72 21 N n NN www-sonatype-com-3567 72 22 S s NN www-sonatype-com-3567 72 23 E e NN www-sonatype-com-3567 72 24 A a NN www-sonatype-com-3567 72 25 S s NN www-sonatype-com-3567 72 26 O o NN www-sonatype-com-3567 72 27 N n NN www-sonatype-com-3567 72 28 O o NN www-sonatype-com-3567 72 29 N n NN www-sonatype-com-3567 72 30 O o NN www-sonatype-com-3567 72 31 P p NN www-sonatype-com-3567 72 32 E e NN www-sonatype-com-3567 72 33 N n NN www-sonatype-com-3567 72 34 S s NN www-sonatype-com-3567 72 35 O o NN www-sonatype-com-3567 72 36 U u NN www-sonatype-com-3567 72 37 R r NN www-sonatype-com-3567 72 38 C c NN www-sonatype-com-3567 72 39 E e NN www-sonatype-com-3567 72 40 https://pypi.org/project/python-dateutil/ https://pypi.org/project/python-dateutil/ NNP www-sonatype-com-3567 72 41 https://pypi.org/project/jeIlyfish/ https://pypi.org/project/jeIlyfish/ NNP www-sonatype-com-3567 72 42 Back back RB www-sonatype-com-3567 72 43 - - HYPH www-sonatype-com-3567 72 44 doored doore VBN www-sonatype-com-3567 72 45 Gems Gems NNP www-sonatype-com-3567 72 46 bootstrap bootstrap NN www-sonatype-com-3567 72 47 - - HYPH www-sonatype-com-3567 72 48 sass sass NN www-sonatype-com-3567 72 49 RCE RCE NNP www-sonatype-com-3567 72 
50 package package NN www-sonatype-com-3567 72 51 discovered discover VBD www-sonatype-com-3567 72 52 . . . www-sonatype-com-3567 73 1 A a DT www-sonatype-com-3567 73 2 malicious malicious JJ www-sonatype-com-3567 73 3 version version NN www-sonatype-com-3567 73 4 of of IN www-sonatype-com-3567 73 5 the the DT www-sonatype-com-3567 73 6 popular popular JJ www-sonatype-com-3567 73 7 bootstrap bootstrap NN www-sonatype-com-3567 73 8 - - HYPH www-sonatype-com-3567 73 9 sass sass NN www-sonatype-com-3567 73 10 package package NN www-sonatype-com-3567 73 11 , , , www-sonatype-com-3567 73 12 downloaded download VBD www-sonatype-com-3567 73 13 a a DT www-sonatype-com-3567 73 14 total total NN www-sonatype-com-3567 73 15 of of IN www-sonatype-com-3567 73 16 28 28 CD www-sonatype-com-3567 73 17 million million CD www-sonatype-com-3567 73 18 times time NNS www-sonatype-com-3567 73 19 to to IN www-sonatype-com-3567 73 20 date date NN www-sonatype-com-3567 73 21 , , , www-sonatype-com-3567 73 22 and and CC www-sonatype-com-3567 73 23 with with IN www-sonatype-com-3567 73 24 1.6 1.6 CD www-sonatype-com-3567 73 25 K K NNP www-sonatype-com-3567 73 26 dependencies dependency NNS www-sonatype-com-3567 73 27 , , , www-sonatype-com-3567 73 28 is be VBZ www-sonatype-com-3567 73 29 published publish VBN www-sonatype-com-3567 73 30 to to IN www-sonatype-com-3567 73 31 the the DT www-sonatype-com-3567 73 32 RubyGems RubyGems NNP www-sonatype-com-3567 73 33 repository repository NN www-sonatype-com-3567 73 34 . . . 
www-sonatype-com-3567 74 1 JUN JUN NNP www-sonatype-com-3567 74 2 2018 2018 CD www-sonatype-com-3567 74 3 AUG AUG NNP www-sonatype-com-3567 74 4 2018 2018 CD www-sonatype-com-3567 74 5 MAY MAY NNP www-sonatype-com-3567 74 6 2018 2018 CD www-sonatype-com-3567 74 7 JUL JUL NNP www-sonatype-com-3567 74 8 2017 2017 CD www-sonatype-com-3567 74 9 MAR MAR NNP www-sonatype-com-3567 74 10 2018 2018 CD www-sonatype-com-3567 74 11 JUN JUN NNP www-sonatype-com-3567 74 12 2019 2019 CD www-sonatype-com-3567 74 13 NOV NOV NNP www-sonatype-com-3567 74 14 2019 2019 CD www-sonatype-com-3567 74 15 APR APR NNP www-sonatype-com-3567 74 16 2020 2020 CD www-sonatype-com-3567 74 17 AUG AUG NNP www-sonatype-com-3567 74 18 2019 2019 CD www-sonatype-com-3567 74 19 NOV NOV NNP www-sonatype-com-3567 74 20 2018 2018 CD www-sonatype-com-3567 74 21 JAN JAN NNP www-sonatype-com-3567 74 22 2020 2020 CD www-sonatype-com-3567 74 23 MAR MAR NNP www-sonatype-com-3567 74 24 2019 2019 CD www-sonatype-com-3567 74 25 OCT OCT NNP www-sonatype-com-3567 74 26 2019 2019 CD www-sonatype-com-3567 74 27 FEB FEB NNP www-sonatype-com-3567 74 28 2020 2020 CD www-sonatype-com-3567 74 29 DEC DEC NNP www-sonatype-com-3567 74 30 2019 2019 CD www-sonatype-com-3567 74 31 MAY MAY NNP www-sonatype-com-3567 74 32 2020 2020 CD www-sonatype-com-3567 74 33 JUL JUL NNP www-sonatype-com-3567 74 34 2019 2019 CD www-sonatype-com-3567 74 35 JUL JUL NNP www-sonatype-com-3567 74 36 2018 2018 CD www-sonatype-com-3567 74 37 npm npm NN www-sonatype-com-3567 74 38 credentials credential NNS www-sonatype-com-3567 74 39 published publish VBN www-sonatype-com-3567 74 40 online online RB www-sonatype-com-3567 74 41 . . . 
www-sonatype-com-3567 75 1 A a DT www-sonatype-com-3567 75 2 � � NNP www-sonatype-com-3567 75 3 ects ect VBZ www-sonatype-com-3567 75 4 access access NN www-sonatype-com-3567 75 5 to to IN www-sonatype-com-3567 75 6 14 14 CD www-sonatype-com-3567 75 7 % % NN www-sonatype-com-3567 75 8 of of IN www-sonatype-com-3567 75 9 the the DT www-sonatype-com-3567 75 10 npm npm NNP www-sonatype-com-3567 75 11 repo repo NNP www-sonatype-com-3567 75 12 ( ( -LRB- www-sonatype-com-3567 75 13 79 79 CD www-sonatype-com-3567 75 14 K K NNP www-sonatype-com-3567 75 15 packages package NNS www-sonatype-com-3567 75 16 ) ) -RRB- www-sonatype-com-3567 75 17 . . . www-sonatype-com-3567 76 1 Malicious malicious JJ www-sonatype-com-3567 76 2 npm npm NNS www-sonatype-com-3567 76 3 packaged package VBN www-sonatype-com-3567 76 4 typosquated typosquate VBN www-sonatype-com-3567 76 5 . . . www-sonatype-com-3567 77 1 40 40 CD www-sonatype-com-3567 77 2 packages package NNS www-sonatype-com-3567 77 3 harvested harvest VBN www-sonatype-com-3567 77 4 over over IN www-sonatype-com-3567 77 5 two two CD www-sonatype-com-3567 77 6 weeks week NNS www-sonatype-com-3567 77 7 , , , www-sonatype-com-3567 77 8 collecting collect VBG www-sonatype-com-3567 77 9 credentials credential NNS www-sonatype-com-3567 77 10 used use VBN www-sonatype-com-3567 77 11 to to TO www-sonatype-com-3567 77 12 publish publish VB www-sonatype-com-3567 77 13 to to IN www-sonatype-com-3567 77 14 the the DT www-sonatype-com-3567 77 15 npm npm NNP www-sonatype-com-3567 77 16 repository repository NNP www-sonatype-com-3567 77 17 itself -PRON- PRP www-sonatype-com-3567 77 18 . . . www-sonatype-com-3567 78 1 docker123321 docker123321 NN www-sonatype-com-3567 78 2 images image NNS www-sonatype-com-3567 78 3 created create VBN www-sonatype-com-3567 78 4 on on IN www-sonatype-com-3567 78 5 Docker Docker NNP www-sonatype-com-3567 78 6 Hub Hub NNP www-sonatype-com-3567 78 7 . . . 
www-sonatype-com-3567 79 1 Later later RB www-sonatype-com-3567 79 2 accused accuse VBN www-sonatype-com-3567 79 3 of of IN www-sonatype-com-3567 79 4 poisoning poison VBG www-sonatype-com-3567 79 5 a a DT www-sonatype-com-3567 79 6 Kubernetes Kubernetes NNP www-sonatype-com-3567 79 7 honeypot honeypot NN www-sonatype-com-3567 79 8 ( ( -LRB- www-sonatype-com-3567 79 9 01/18 01/18 CD www-sonatype-com-3567 79 10 ) ) -RRB- www-sonatype-com-3567 79 11 and and CC www-sonatype-com-3567 79 12 equated equate VBD www-sonatype-com-3567 79 13 to to IN www-sonatype-com-3567 79 14 a a DT www-sonatype-com-3567 79 15 crypto crypto NN www-sonatype-com-3567 79 16 - - HYPH www-sonatype-com-3567 79 17 mining mining NN www-sonatype-com-3567 79 18 botnet botnet NN www-sonatype-com-3567 79 19 ( ( -LRB- www-sonatype-com-3567 79 20 05/18 05/18 CD www-sonatype-com-3567 79 21 ) ) -RRB- www-sonatype-com-3567 79 22 . . . www-sonatype-com-3567 80 1 Cryptocurrency cryptocurrency NN www-sonatype-com-3567 80 2 attack attack NN www-sonatype-com-3567 80 3 via via IN www-sonatype-com-3567 80 4 malicious malicious JJ www-sonatype-com-3567 80 5 code code NN www-sonatype-com-3567 80 6 injection injection NN www-sonatype-com-3567 80 7 . . . 
www-sonatype-com-3567 81 1 Malicious malicious JJ www-sonatype-com-3567 81 2 code code NN www-sonatype-com-3567 81 3 targets target VBZ www-sonatype-com-3567 81 4 users user NNS www-sonatype-com-3567 81 5 of of IN www-sonatype-com-3567 81 6 Agama Agama NNP www-sonatype-com-3567 81 7 cryptocurrency cryptocurrency NN www-sonatype-com-3567 81 8 wallets wallet NNS www-sonatype-com-3567 81 9 focusing focus VBG www-sonatype-com-3567 81 10 on on IN www-sonatype-com-3567 81 11 stealing steal VBG www-sonatype-com-3567 81 12 the the DT www-sonatype-com-3567 81 13 wallet wallet NN www-sonatype-com-3567 81 14 seeds seed NNS www-sonatype-com-3567 81 15 and and CC www-sonatype-com-3567 81 16 login login NNP www-sonatype-com-3567 81 17 passphrases passphrase NNS www-sonatype-com-3567 81 18 . . . www-sonatype-com-3567 82 1 passgen passgen NNP www-sonatype-com-3567 82 2 A a DT www-sonatype-com-3567 82 3 RubyGems RubyGems NNP www-sonatype-com-3567 82 4 package package NN www-sonatype-com-3567 82 5 discovered discover VBD www-sonatype-com-3567 82 6 that that WDT www-sonatype-com-3567 82 7 contains contain VBZ www-sonatype-com-3567 82 8 a a DT www-sonatype-com-3567 82 9 backdoor backdoor NN www-sonatype-com-3567 82 10 in in IN www-sonatype-com-3567 82 11 its -PRON- PRP$ www-sonatype-com-3567 82 12 latest late JJS www-sonatype-com-3567 82 13 release release NN www-sonatype-com-3567 82 14 that that WDT www-sonatype-com-3567 82 15 was be VBD www-sonatype-com-3567 82 16 used use VBN www-sonatype-com-3567 82 17 for for IN www-sonatype-com-3567 82 18 cookie cookie NN www-sonatype-com-3567 82 19 stealing stealing NN www-sonatype-com-3567 82 20 . . . 
www-sonatype-com-3567 83 1 23 23 CD www-sonatype-com-3567 83 2 RubyGems RubyGems NNP www-sonatype-com-3567 83 3 packages package NNS www-sonatype-com-3567 83 4 pulled pull VBD www-sonatype-com-3567 83 5 from from IN www-sonatype-com-3567 83 6 the the DT www-sonatype-com-3567 83 7 public public JJ www-sonatype-com-3567 83 8 repository repository NN www-sonatype-com-3567 83 9 . . . www-sonatype-com-3567 84 1 Packages package NNS www-sonatype-com-3567 84 2 were be VBD www-sonatype-com-3567 84 3 pulled pull VBN www-sonatype-com-3567 84 4 from from IN www-sonatype-com-3567 84 5 the the DT www-sonatype-com-3567 84 6 public public JJ www-sonatype-com-3567 84 7 repository repository NN www-sonatype-com-3567 84 8 because because IN www-sonatype-com-3567 84 9 they -PRON- PRP www-sonatype-com-3567 84 10 contained contain VBD www-sonatype-com-3567 84 11 code code NN www-sonatype-com-3567 84 12 for for IN www-sonatype-com-3567 84 13 cryptomining cryptomining NN www-sonatype-com-3567 84 14 or or CC www-sonatype-com-3567 84 15 cookie cookie NN www-sonatype-com-3567 84 16 / / SYM www-sonatype-com-3567 84 17 password password NN www-sonatype-com-3567 84 18 stealing steal VBG www-sonatype-com-3567 84 19 . . . www-sonatype-com-3567 85 1 Code code NN www-sonatype-com-3567 85 2 for for IN www-sonatype-com-3567 85 3 cryptocurrency cryptocurrency NN www-sonatype-com-3567 85 4 theft theft NN www-sonatype-com-3567 85 5 identified identify VBN www-sonatype-com-3567 85 6 in in IN www-sonatype-com-3567 85 7 npm npm NNP www-sonatype-com-3567 85 8 package package NN www-sonatype-com-3567 85 9 . . . 
www-sonatype-com-3567 86 1 Electron Electron NNP www-sonatype-com-3567 86 2 - - HYPH www-sonatype-com-3567 86 3 native native JJ www-sonatype-com-3567 86 4 - - HYPH www-sonatype-com-3567 86 5 notify notify NN www-sonatype-com-3567 86 6 ( ( -LRB- www-sonatype-com-3567 86 7 versions version NNS www-sonatype-com-3567 86 8 1.1.6 1.1.6 CD www-sonatype-com-3567 86 9 ) ) -RRB- www-sonatype-com-3567 86 10 contains contain VBZ www-sonatype-com-3567 86 11 code code NN www-sonatype-com-3567 86 12 designed design VBN www-sonatype-com-3567 86 13 to to TO www-sonatype-com-3567 86 14 steal steal VB www-sonatype-com-3567 86 15 cryptocurrency cryptocurrency NN www-sonatype-com-3567 86 16 wallet wallet NN www-sonatype-com-3567 86 17 seeds seed NNS www-sonatype-com-3567 86 18 and and CC www-sonatype-com-3567 86 19 other other JJ www-sonatype-com-3567 86 20 login login NN www-sonatype-com-3567 86 21 instruction instruction NN www-sonatype-com-3567 86 22 details detail NNS www-sonatype-com-3567 86 23 . . . www-sonatype-com-3567 87 1 npm npm NNP www-sonatype-com-3567 87 2 credentials credential NNS www-sonatype-com-3567 87 3 intentionally intentionally RB www-sonatype-com-3567 87 4 compromised compromise VBD www-sonatype-com-3567 87 5 . . . 
www-sonatype-com-3567 88 1 A a DT www-sonatype-com-3567 88 2 malicious malicious JJ www-sonatype-com-3567 88 3 version version NN www-sonatype-com-3567 88 4 of of IN www-sonatype-com-3567 88 5 a a DT www-sonatype-com-3567 88 6 package package NN www-sonatype-com-3567 88 7 from from IN www-sonatype-com-3567 88 8 a a DT www-sonatype-com-3567 88 9 core core NN www-sonatype-com-3567 88 10 contributor contributor NN www-sonatype-com-3567 88 11 to to IN www-sonatype-com-3567 88 12 the the DT www-sonatype-com-3567 88 13 conventional- conventional- NN www-sonatype-com-3567 88 14 changelog changelog NNP www-sonatype-com-3567 88 15 ecosystem ecosystem NNP www-sonatype-com-3567 88 16 is be VBZ www-sonatype-com-3567 88 17 published publish VBN www-sonatype-com-3567 88 18 . . . www-sonatype-com-3567 89 1 The the DT www-sonatype-com-3567 89 2 package package NN www-sonatype-com-3567 89 3 was be VBD www-sonatype-com-3567 89 4 installed instal VBN www-sonatype-com-3567 89 5 28,000 28,000 CD www-sonatype-com-3567 89 6 times time NNS www-sonatype-com-3567 89 7 in in IN www-sonatype-com-3567 89 8 35 35 CD www-sonatype-com-3567 89 9 hours hour NNS www-sonatype-com-3567 89 10 and and CC www-sonatype-com-3567 89 11 executed execute VBD www-sonatype-com-3567 89 12 a a DT www-sonatype-com-3567 89 13 Monero Monero NNP www-sonatype-com-3567 89 14 crypto crypto NN www-sonatype-com-3567 89 15 miner miner NN www-sonatype-com-3567 89 16 . . . www-sonatype-com-3567 90 1 Homebrew homebrew JJ www-sonatype-com-3567 90 2 repository repository NN www-sonatype-com-3567 90 3 compromised compromise VBD www-sonatype-com-3567 90 4 . . . 
www-sonatype-com-3567 91 1 Accessed access VBN www-sonatype-com-3567 91 2 in in IN www-sonatype-com-3567 91 3 under under IN www-sonatype-com-3567 91 4 30 30 CD www-sonatype-com-3567 91 5 minutes minute NNS www-sonatype-com-3567 91 6 through through IN www-sonatype-com-3567 91 7 an an DT www-sonatype-com-3567 91 8 exposed expose VBN www-sonatype-com-3567 91 9 GitHub GitHub NNP www-sonatype-com-3567 91 10 API api NN www-sonatype-com-3567 91 11 token token JJ www-sonatype-com-3567 91 12 . . . www-sonatype-com-3567 92 1 Deleted delete VBN www-sonatype-com-3567 92 2 go go NN www-sonatype-com-3567 92 3 - - HYPH www-sonatype-com-3567 92 4 bindata bindata NN www-sonatype-com-3567 92 5 account account NN www-sonatype-com-3567 92 6 resurrected resurrect VBN www-sonatype-com-3567 92 7 by by IN www-sonatype-com-3567 92 8 an an DT www-sonatype-com-3567 92 9 unknown unknown JJ www-sonatype-com-3567 92 10 user user NN www-sonatype-com-3567 92 11 . . . www-sonatype-com-3567 93 1 After after IN www-sonatype-com-3567 93 2 a a DT www-sonatype-com-3567 93 3 developer developer NN www-sonatype-com-3567 93 4 deleted delete VBD www-sonatype-com-3567 93 5 their -PRON- PRP$ www-sonatype-com-3567 93 6 GitHub GitHub NNP www-sonatype-com-3567 93 7 account account NN www-sonatype-com-3567 93 8 , , , www-sonatype-com-3567 93 9 someone someone NN www-sonatype-com-3567 93 10 immediately immediately RB www-sonatype-com-3567 93 11 grabbed grab VBD www-sonatype-com-3567 93 12 the the DT www-sonatype-com-3567 93 13 ID ID NNP www-sonatype-com-3567 93 14 — — : www-sonatype-com-3567 93 15 inheriting inherit VBG www-sonatype-com-3567 93 16 the the DT www-sonatype-com-3567 93 17 karma karma NNP www-sonatype-com-3567 93 18 instilled instill VBN www-sonatype-com-3567 93 19 in in IN www-sonatype-com-3567 93 20 that that DT www-sonatype-com-3567 93 21 ID ID NNP www-sonatype-com-3567 93 22 and and CC www-sonatype-com-3567 93 23 calling call VBG www-sonatype-com-3567 93 24 into into IN www-sonatype-com-3567 93 
25 question question NN www-sonatype-com-3567 93 26 packages package NNS www-sonatype-com-3567 93 27 & & CC www-sonatype-com-3567 93 28 sources source NNS www-sonatype-com-3567 93 29 . . . www-sonatype-com-3567 94 1 Back back RB www-sonatype-com-3567 94 2 - - HYPH www-sonatype-com-3567 94 3 doored doore VBN www-sonatype-com-3567 94 4 PyPI pypi NN www-sonatype-com-3567 94 5 package package NN www-sonatype-com-3567 94 6 discovered discover VBD www-sonatype-com-3567 94 7 . . . www-sonatype-com-3567 95 1 Python Python NNP www-sonatype-com-3567 95 2 module module JJ www-sonatype-com-3567 95 3 ssh ssh NN www-sonatype-com-3567 95 4 - - HYPH www-sonatype-com-3567 95 5 decorator decorator NN www-sonatype-com-3567 95 6 back back RB www-sonatype-com-3567 95 7 - - HYPH www-sonatype-com-3567 95 8 doored doore VBN www-sonatype-com-3567 95 9 to to TO www-sonatype-com-3567 95 10 enable enable VB www-sonatype-com-3567 95 11 theft theft NN www-sonatype-com-3567 95 12 of of IN www-sonatype-com-3567 95 13 private private JJ www-sonatype-com-3567 95 14 ssh ssh NNP www-sonatype-com-3567 95 15 keys key NNS www-sonatype-com-3567 95 16 . . . www-sonatype-com-3567 96 1 PyPI PyPI NNP www-sonatype-com-3567 96 2 typosquat typosquat NN www-sonatype-com-3567 96 3 : : : www-sonatype-com-3567 96 4 10 10 CD www-sonatype-com-3567 96 5 malicious malicious JJ www-sonatype-com-3567 96 6 Python Python NNP www-sonatype-com-3567 96 7 packages package NNS www-sonatype-com-3567 96 8 found find VBN www-sonatype-com-3567 96 9 . . . 
www-sonatype-com-3567 97 1 Evidence evidence NN www-sonatype-com-3567 97 2 of of IN www-sonatype-com-3567 97 3 the the DT www-sonatype-com-3567 97 4 fake fake JJ www-sonatype-com-3567 97 5 packages package NNS www-sonatype-com-3567 97 6 being be VBG www-sonatype-com-3567 97 7 incorporated incorporate VBN www-sonatype-com-3567 97 8 into into IN www-sonatype-com-3567 97 9 software software NN www-sonatype-com-3567 97 10 was be VBD www-sonatype-com-3567 97 11 noted note VBN www-sonatype-com-3567 97 12 multiple multiple JJ www-sonatype-com-3567 97 13 times time NNS www-sonatype-com-3567 97 14 between between IN www-sonatype-com-3567 97 15 June June NNP www-sonatype-com-3567 97 16 and and CC www-sonatype-com-3567 97 17 Sept Sept NNP www-sonatype-com-3567 97 18 2017 2017 CD www-sonatype-com-3567 97 19 . . . www-sonatype-com-3567 98 1 Back back RB www-sonatype-com-3567 98 2 - - HYPH www-sonatype-com-3567 98 3 doored doore VBN www-sonatype-com-3567 98 4 npm npm NN www-sonatype-com-3567 98 5 package package NN www-sonatype-com-3567 98 6 discovered discover VBD www-sonatype-com-3567 98 7 . . . www-sonatype-com-3567 99 1 npm npm NNP www-sonatype-com-3567 99 2 security security NN www-sonatype-com-3567 99 3 team team NN www-sonatype-com-3567 99 4 responds respond VBZ www-sonatype-com-3567 99 5 to to IN www-sonatype-com-3567 99 6 reports report NNS www-sonatype-com-3567 99 7 of of IN www-sonatype-com-3567 99 8 a a DT www-sonatype-com-3567 99 9 malicious malicious JJ www-sonatype-com-3567 99 10 back back JJ www-sonatype-com-3567 99 11 door door NN www-sonatype-com-3567 99 12 in in IN www-sonatype-com-3567 99 13 the the DT www-sonatype-com-3567 99 14 get get VB www-sonatype-com-3567 99 15 - - HYPH www-sonatype-com-3567 99 16 cookies cookie NNS www-sonatype-com-3567 99 17 module module NN www-sonatype-com-3567 99 18 , , , www-sonatype-com-3567 99 19 published publish VBN www-sonatype-com-3567 99 20 in in IN www-sonatype-com-3567 99 21 March March NNP www-sonatype-com-3567 99 22 . 
. . www-sonatype-com-3567 100 1 Despite despite IN www-sonatype-com-3567 100 2 being be VBG www-sonatype-com-3567 100 3 deprecated deprecate VBN www-sonatype-com-3567 100 4 , , , www-sonatype-com-3567 100 5 mailparser mailparser NNP www-sonatype-com-3567 100 6 still still RB www-sonatype-com-3567 100 7 receives receive VBZ www-sonatype-com-3567 100 8 about about RB www-sonatype-com-3567 100 9 64,000 64,000 CD www-sonatype-com-3567 100 10 weekly weekly JJ www-sonatype-com-3567 100 11 downloads download NNS www-sonatype-com-3567 100 12 . . . www-sonatype-com-3567 101 1 “ " `` www-sonatype-com-3567 101 2 I -PRON- PRP www-sonatype-com-3567 101 3 ’m be VBP www-sonatype-com-3567 101 4 harvesting harvest VBG www-sonatype-com-3567 101 5 credit credit NN www-sonatype-com-3567 101 6 card card NN www-sonatype-com-3567 101 7 numbers number NNS www-sonatype-com-3567 101 8 and and CC www-sonatype-com-3567 101 9 passwords password NNS www-sonatype-com-3567 101 10 from from IN www-sonatype-com-3567 101 11 your -PRON- PRP$ www-sonatype-com-3567 101 12 site site NN www-sonatype-com-3567 101 13 . . . www-sonatype-com-3567 102 1 Here here RB www-sonatype-com-3567 102 2 ’s ’ VBZ www-sonatype-com-3567 102 3   _SP www-sonatype-com-3567 102 4 how how WRB www-sonatype-com-3567 102 5 . . . 
www-sonatype-com-3567 102 6 ” " '' www-sonatype-com-3567 102 7 David David NNP www-sonatype-com-3567 102 8 Gilbertson Gilbertson NNP www-sonatype-com-3567 102 9 writes write VBZ www-sonatype-com-3567 102 10 a a DT www-sonatype-com-3567 102 11 fictional fictional JJ www-sonatype-com-3567 102 12 tale tale NN www-sonatype-com-3567 102 13 on on IN www-sonatype-com-3567 102 14 his -PRON- PRP$ www-sonatype-com-3567 102 15 blog blog NN www-sonatype-com-3567 102 16 about about IN www-sonatype-com-3567 102 17 creating create VBG www-sonatype-com-3567 102 18 a a DT www-sonatype-com-3567 102 19 malicious malicious JJ www-sonatype-com-3567 102 20 npm npm NN www-sonatype-com-3567 102 21 package package NN www-sonatype-com-3567 102 22 . . . www-sonatype-com-3567 103 1 Linux Linux NNP www-sonatype-com-3567 103 2 distro distro NNP www-sonatype-com-3567 103 3 hacked hack VBD www-sonatype-com-3567 103 4 on on IN www-sonatype-com-3567 103 5 GitHub GitHub NNP www-sonatype-com-3567 103 6 . . . www-sonatype-com-3567 104 1 Unknown unknown JJ www-sonatype-com-3567 104 2 individuals individual NNS www-sonatype-com-3567 104 3 gain gain VBP www-sonatype-com-3567 104 4 control control NN www-sonatype-com-3567 104 5 of of IN www-sonatype-com-3567 104 6 the the DT www-sonatype-com-3567 104 7 Github Github NNP www-sonatype-com-3567 104 8 Gentoo Gentoo NNP www-sonatype-com-3567 104 9 organization organization NN www-sonatype-com-3567 104 10 and and CC www-sonatype-com-3567 104 11 modified modify VBD www-sonatype-com-3567 104 12 the the DT www-sonatype-com-3567 104 13 content content NN www-sonatype-com-3567 104 14 of of IN www-sonatype-com-3567 104 15 repositories repository NNS www-sonatype-com-3567 104 16 as as RB www-sonatype-com-3567 104 17 well well RB www-sonatype-com-3567 104 18 as as IN www-sonatype-com-3567 104 19 pages page NNS www-sonatype-com-3567 104 20 within within IN www-sonatype-com-3567 104 21 . . . 
www-sonatype-com-3567 105 1 All all DT www-sonatype-com-3567 105 2 code code NN www-sonatype-com-3567 105 3 considered consider VBD www-sonatype-com-3567 105 4 compromised compromise VBN www-sonatype-com-3567 105 5 . . . www-sonatype-com-3567 106 1 Back back RB www-sonatype-com-3567 106 2 - - HYPH www-sonatype-com-3567 106 3 doored doore VBN www-sonatype-com-3567 106 4 Gems Gems NNP www-sonatype-com-3567 106 5 bootstrap bootstrap NN www-sonatype-com-3567 106 6 - - HYPH www-sonatype-com-3567 106 7 sass sass NN www-sonatype-com-3567 106 8 RCE RCE NNP www-sonatype-com-3567 106 9 package package NN www-sonatype-com-3567 106 10 discovered discover VBD www-sonatype-com-3567 106 11 . . . www-sonatype-com-3567 107 1 A a DT www-sonatype-com-3567 107 2 malicious malicious JJ www-sonatype-com-3567 107 3 version version NN www-sonatype-com-3567 107 4 of of IN www-sonatype-com-3567 107 5 the the DT www-sonatype-com-3567 107 6 popular popular JJ www-sonatype-com-3567 107 7 bootstrap bootstrap NN www-sonatype-com-3567 107 8 - - HYPH www-sonatype-com-3567 107 9 sass sass NN www-sonatype-com-3567 107 10 package package NN www-sonatype-com-3567 107 11 , , , www-sonatype-com-3567 107 12 downloaded download VBD www-sonatype-com-3567 107 13 a a DT www-sonatype-com-3567 107 14 total total NN www-sonatype-com-3567 107 15 of of IN www-sonatype-com-3567 107 16 28 28 CD www-sonatype-com-3567 107 17 million million CD www-sonatype-com-3567 107 18 times time NNS www-sonatype-com-3567 107 19 to to IN www-sonatype-com-3567 107 20 date date NN www-sonatype-com-3567 107 21 , , , www-sonatype-com-3567 107 22 and and CC www-sonatype-com-3567 107 23 with with IN www-sonatype-com-3567 107 24 1.6 1.6 CD www-sonatype-com-3567 107 25 K K NNP www-sonatype-com-3567 107 26 dependencies dependency NNS www-sonatype-com-3567 107 27 , , , www-sonatype-com-3567 107 28 is be VBZ www-sonatype-com-3567 107 29 published publish VBN www-sonatype-com-3567 107 30 to to IN www-sonatype-com-3567 107 31 the the DT 
www-sonatype-com-3567 107 32 RubyGems RubyGems NNP www-sonatype-com-3567 107 33 repository repository NN www-sonatype-com-3567 107 34 . . . www-sonatype-com-3567 108 1 basic_authable basic_authable NNP www-sonatype-com-3567 108 2 Three three CD www-sonatype-com-3567 108 3 versions version NNS www-sonatype-com-3567 108 4 of of IN www-sonatype-com-3567 108 5 this this DT www-sonatype-com-3567 108 6 Gems Gems NNP www-sonatype-com-3567 108 7 package package NN www-sonatype-com-3567 108 8 released release VBN www-sonatype-com-3567 108 9 in in IN www-sonatype-com-3567 108 10 2017 2017 CD www-sonatype-com-3567 108 11 were be VBD www-sonatype-com-3567 108 12 yanked yank VBN www-sonatype-com-3567 108 13 from from IN www-sonatype-com-3567 108 14 the the DT www-sonatype-com-3567 108 15 Gems Gems NNP www-sonatype-com-3567 108 16 repository repository NN www-sonatype-com-3567 108 17 due due IN www-sonatype-com-3567 108 18 to to IN www-sonatype-com-3567 108 19 their -PRON- PRP$ www-sonatype-com-3567 108 20 malicious malicious JJ www-sonatype-com-3567 108 21 nature nature NN www-sonatype-com-3567 108 22 . . . www-sonatype-com-3567 109 1 PyPI pypi NN www-sonatype-com-3567 109 2 package package NN www-sonatype-com-3567 109 3 discovered discover VBN www-sonatype-com-3567 109 4 with with IN www-sonatype-com-3567 109 5 a a DT www-sonatype-com-3567 109 6 back back JJ www-sonatype-com-3567 109 7 - - HYPH www-sonatype-com-3567 109 8 door door NN www-sonatype-com-3567 109 9 vulnerability vulnerability NN www-sonatype-com-3567 109 10 . . . 
www-sonatype-com-3567 110 1 The the DT www-sonatype-com-3567 110 2 package package NN www-sonatype-com-3567 110 3 had have VBD www-sonatype-com-3567 110 4 been be VBN www-sonatype-com-3567 110 5 reported report VBN www-sonatype-com-3567 110 6 as as IN www-sonatype-com-3567 110 7 containing contain VBG www-sonatype-com-3567 110 8 a a DT www-sonatype-com-3567 110 9 known know VBN www-sonatype-com-3567 110 10 vulnerability vulnerability NN www-sonatype-com-3567 110 11 but but CC www-sonatype-com-3567 110 12 was be VBD www-sonatype-com-3567 110 13 not not RB www-sonatype-com-3567 110 14 removed remove VBN www-sonatype-com-3567 110 15 from from IN www-sonatype-com-3567 110 16 the the DT www-sonatype-com-3567 110 17 public public JJ www-sonatype-com-3567 110 18 repository repository NN www-sonatype-com-3567 110 19 . . . www-sonatype-com-3567 111 1 230 230 CD www-sonatype-com-3567 111 2 RubyGems RubyGems NNP www-sonatype-com-3567 111 3 pulled pull VBD www-sonatype-com-3567 111 4 for for IN www-sonatype-com-3567 111 5 typosquatting typosquatting NN www-sonatype-com-3567 111 6 or or CC www-sonatype-com-3567 111 7 impersonating impersonate VBG www-sonatype-com-3567 111 8 popular popular JJ www-sonatype-com-3567 111 9 open open JJ www-sonatype-com-3567 111 10 source source NN www-sonatype-com-3567 111 11 packages package NNS www-sonatype-com-3567 111 12 . . . 
www-sonatype-com-3567 112 1 Software software NN www-sonatype-com-3567 112 2 Supply supply NN www-sonatype-com-3567 112 3 Chain Chain NNP www-sonatype-com-3567 112 4 Attacks Attacks NNPS www-sonatype-com-3567 112 5 , , , www-sonatype-com-3567 112 6 July July NNP www-sonatype-com-3567 112 7 2017 2017 CD www-sonatype-com-3567 112 8 to to IN www-sonatype-com-3567 112 9 July July NNP www-sonatype-com-3567 112 10 2020 2020 CD www-sonatype-com-3567 112 11 Compromised Compromised NNP www-sonatype-com-3567 112 12 JavaScript JavaScript NNP www-sonatype-com-3567 112 13 package package NN www-sonatype-com-3567 112 14 caught catch VBD www-sonatype-com-3567 112 15 stealing steal VBG www-sonatype-com-3567 112 16 npm npm NN www-sonatype-com-3567 112 17 credentials credential NNS www-sonatype-com-3567 112 18 . . . www-sonatype-com-3567 113 1 A a DT www-sonatype-com-3567 113 2 hacker hacker NN www-sonatype-com-3567 113 3 gains gain VBZ www-sonatype-com-3567 113 4 access access NN www-sonatype-com-3567 113 5 to to IN www-sonatype-com-3567 113 6 a a DT www-sonatype-com-3567 113 7 developer developer NN www-sonatype-com-3567 113 8 ’s ’s POS www-sonatype-com-3567 113 9 npm npm NN www-sonatype-com-3567 113 10 account account NN www-sonatype-com-3567 113 11 and and CC www-sonatype-com-3567 113 12 injects inject VBZ www-sonatype-com-3567 113 13 malicious malicious JJ www-sonatype-com-3567 113 14 code code NN www-sonatype-com-3567 113 15 into into IN www-sonatype-com-3567 113 16 a a DT www-sonatype-com-3567 113 17 popular popular JJ www-sonatype-com-3567 113 18 JavaScript JavaScript NNP www-sonatype-com-3567 113 19 library library NN www-sonatype-com-3567 113 20 called call VBN www-sonatype-com-3567 113 21 eslint- eslint- NNP www-sonatype-com-3567 113 22 scope scope NN www-sonatype-com-3567 113 23 , , , www-sonatype-com-3567 113 24 a a DT www-sonatype-com-3567 113 25 sub sub NN www-sonatype-com-3567 113 26 - - JJ www-sonatype-com-3567 113 27 module module NN www-sonatype-com-3567 113 28 of 
of IN www-sonatype-com-3567 113 29 the the DT www-sonatype-com-3567 113 30 more more RBR www-sonatype-com-3567 113 31 famous famous JJ www-sonatype-com-3567 113 32 ESLint ESLint NNP www-sonatype-com-3567 113 33 , , , www-sonatype-com-3567 113 34 a a DT www-sonatype-com-3567 113 35 JavaScript JavaScript NNP www-sonatype-com-3567 113 36 code code NN www-sonatype-com-3567 113 37 analysis analysis NN www-sonatype-com-3567 113 38 toolkit toolkit VBZ www-sonatype-com-3567 113 39 . . . www-sonatype-com-3567 114 1 SEP SEP NNP www-sonatype-com-3567 114 2 2017 2017 CD www-sonatype-com-3567 114 3 JAN JAN NNP www-sonatype-com-3567 114 4 2018 2018 CD www-sonatype-com-3567 114 5 FEB FEB NNP www-sonatype-com-3567 114 6 2018 2018 CD www-sonatype-com-3567 114 7 Adversaries Adversaries NNPS www-sonatype-com-3567 114 8 compromised compromise VBD www-sonatype-com-3567 114 9 the the DT www-sonatype-com-3567 114 10 account account NN www-sonatype-com-3567 114 11 of of IN www-sonatype-com-3567 114 12 a a DT www-sonatype-com-3567 114 13 rest rest NN www-sonatype-com-3567 114 14 - - HYPH www-sonatype-com-3567 114 15 client client NN www-sonatype-com-3567 114 16 maintainer maintainer NN www-sonatype-com-3567 114 17 to to TO www-sonatype-com-3567 114 18 install install VB www-sonatype-com-3567 114 19 crypto crypto NN www-sonatype-com-3567 114 20 miners miner NNS www-sonatype-com-3567 114 21 . . . 
www-sonatype-com-3567 115 1 A a DT www-sonatype-com-3567 115 2 ff ff RBS www-sonatype-com-3567 115 3 ected ected JJ www-sonatype-com-3567 115 4 versions version NNS www-sonatype-com-3567 115 5 ( ( -LRB- www-sonatype-com-3567 115 6 1.6.10 1.6.10 CD www-sonatype-com-3567 115 7 to to IN www-sonatype-com-3567 115 8 1.6.13 1.6.13 CD www-sonatype-com-3567 115 9 ) ) -RRB- www-sonatype-com-3567 115 10 were be VBD www-sonatype-com-3567 115 11 downloaded download VBN www-sonatype-com-3567 115 12 about about IN www-sonatype-com-3567 115 13 1000 1000 CD www-sonatype-com-3567 115 14 times time NNS www-sonatype-com-3567 115 15 . . . www-sonatype-com-3567 116 1 Similar similar JJ www-sonatype-com-3567 116 2 vulnerabilities vulnerability NNS www-sonatype-com-3567 116 3 were be VBD www-sonatype-com-3567 116 4 found find VBN www-sonatype-com-3567 116 5 in in IN www-sonatype-com-3567 116 6 Gem Gem NNP www-sonatype-com-3567 116 7 packages package NNS www-sonatype-com-3567 116 8 : : : www-sonatype-com-3567 116 9 coming come VBG www-sonatype-com-3567 116 10 - - : www-sonatype-com-3567 116 11 soon soon RB www-sonatype-com-3567 116 12 and and CC www-sonatype-com-3567 116 13 cron_parser cron_parser NN www-sonatype-com-3567 116 14 . . . www-sonatype-com-3567 117 1 bb bb NNP www-sonatype-com-3567 117 2 - - HYPH www-sonatype-com-3567 117 3 builder builder NN www-sonatype-com-3567 117 4 removed remove VBN www-sonatype-com-3567 117 5 from from IN www-sonatype-com-3567 117 6 the the DT www-sonatype-com-3567 117 7 npm npm NNP www-sonatype-com-3567 117 8 repository repository NN www-sonatype-com-3567 117 9 . . .
www-sonatype-com-3567 118 1 The the DT www-sonatype-com-3567 118 2 component component NN www-sonatype-com-3567 118 3 stole steal VBD www-sonatype-com-3567 118 4 login login NNP www-sonatype-com-3567 118 5 information information NN www-sonatype-com-3567 118 6 from from IN www-sonatype-com-3567 118 7 the the DT www-sonatype-com-3567 118 8 computers computer NNS www-sonatype-com-3567 118 9 it -PRON- PRP www-sonatype-com-3567 118 10 was be VBD www-sonatype-com-3567 118 11 installed instal VBN www-sonatype-com-3567 118 12 on on IN www-sonatype-com-3567 118 13 , , , www-sonatype-com-3567 118 14 sending send VBG www-sonatype-com-3567 118 15 it -PRON- PRP www-sonatype-com-3567 118 16 to to IN www-sonatype-com-3567 118 17 a a DT www-sonatype-com-3567 118 18 remote remote JJ www-sonatype-com-3567 118 19 server server NN www-sonatype-com-3567 118 20 . . . www-sonatype-com-3567 119 1 sj sj NNP www-sonatype-com-3567 119 2 - - HYPH www-sonatype-com-3567 119 3 tw tw JJ www-sonatype-com-3567 119 4 - - HYPH www-sonatype-com-3567 119 5 test test NN www-sonatype-com-3567 119 6 - - HYPH www-sonatype-com-3567 119 7 security security NN www-sonatype-com-3567 119 8 All all DT www-sonatype-com-3567 119 9 versions version NNS www-sonatype-com-3567 119 10 of of IN www-sonatype-com-3567 119 11 the the DT www-sonatype-com-3567 119 12 component component NN www-sonatype-com-3567 119 13 “ " `` www-sonatype-com-3567 119 14 contain contain VB www-sonatype-com-3567 119 15 malicious malicious JJ www-sonatype-com-3567 119 16 back back JJ www-sonatype-com-3567 119 17 - - HYPH www-sonatype-com-3567 119 18 door door NN www-sonatype-com-3567 119 19 code code NN www-sonatype-com-3567 119 20 that that IN www-sonatype-com-3567 119 21 downloads download VBZ www-sonatype-com-3567 119 22 and and CC www-sonatype-com-3567 119 23 runs run VBZ www-sonatype-com-3567 119 24 a a DT www-sonatype-com-3567 119 25 script script NN www-sonatype-com-3567 119 26 that that WDT www-sonatype-com-3567 119 27 opens open VBZ 
www-sonatype-com-3567 119 28 a a DT www-sonatype-com-3567 119 29 reverse reverse JJ www-sonatype-com-3567 119 30 shell shell NN www-sonatype-com-3567 119 31 in in IN www-sonatype-com-3567 119 32 the the DT www-sonatype-com-3567 119 33 system system NN www-sonatype-com-3567 119 34 allowing allow VBG www-sonatype-com-3567 119 35 a a DT www-sonatype-com-3567 119 36 remote remote JJ www-sonatype-com-3567 119 37 attacker attacker NN www-sonatype-com-3567 119 38 to to TO www-sonatype-com-3567 119 39 compromise compromise VB www-sonatype-com-3567 119 40 the the DT www-sonatype-com-3567 119 41 a a DT www-sonatype-com-3567 119 42 ff ff NNP www-sonatype-com-3567 119 43 ected ected JJ www-sonatype-com-3567 119 44 system system NN www-sonatype-com-3567 119 45 . . . www-sonatype-com-3567 120 1 lodahs lodahs NNP www-sonatype-com-3567 120 2 , , , www-sonatype-com-3567 120 3 web3b web3b NN www-sonatype-com-3567 120 4 , , , www-sonatype-com-3567 120 5 and and CC www-sonatype-com-3567 120 6 web3-eht web3-eht LS www-sonatype-com-3567 120 7 Taking take VBG www-sonatype-com-3567 120 8 advantage advantage NN www-sonatype-com-3567 120 9 of of IN www-sonatype-com-3567 120 10 a a DT www-sonatype-com-3567 120 11 typosquatting typosquatting NN www-sonatype-com-3567 120 12 exploit exploit NN www-sonatype-com-3567 120 13 for for IN www-sonatype-com-3567 120 14 lodash lodash NNP www-sonatype-com-3567 120 15 npm npm NNP www-sonatype-com-3567 120 16 packages package NNS www-sonatype-com-3567 120 17 , , , www-sonatype-com-3567 120 18 all all DT www-sonatype-com-3567 120 19 versions version NNS www-sonatype-com-3567 120 20 of of IN www-sonatype-com-3567 120 21 the the DT www-sonatype-com-3567 120 22 “ " `` www-sonatype-com-3567 120 23 lodahs lodahs NN www-sonatype-com-3567 120 24 ” " '' www-sonatype-com-3567 120 25 package package NN www-sonatype-com-3567 120 26 contain contain NN www-sonatype-com-3567 120 27 malware malware NNP www-sonatype-com-3567 120 28 designed design VBN www-sonatype-com-3567
120 29 to to TO www-sonatype-com-3567 120 30 find find VB www-sonatype-com-3567 120 31 and and CC www-sonatype-com-3567 120 32 exfiltrate exfiltrate VB www-sonatype-com-3567 120 33 cryptocurrency cryptocurrency NN www-sonatype-com-3567 120 34 wallets wallet NNS www-sonatype-com-3567 120 35 . . . www-sonatype-com-3567 121 1 Web3b Web3b NNP www-sonatype-com-3567 121 2 and and CC www-sonatype-com-3567 121 3 web3-eht web3-eht NNP www-sonatype-com-3567 121 4 were be VBD www-sonatype-com-3567 121 5 removed remove VBN www-sonatype-com-3567 121 6 for for IN www-sonatype-com-3567 121 7 the the DT www-sonatype-com-3567 121 8 same same JJ www-sonatype-com-3567 121 9 exploit exploit NN www-sonatype-com-3567 121 10 pattern pattern NN www-sonatype-com-3567 121 11 . . . www-sonatype-com-3567 122 1 Python3-dateutil Python3-dateutil NNP www-sonatype-com-3567 122 2 and and CC www-sonatype-com-3567 122 3 jeIlyfish jeIlyfish NNP www-sonatype-com-3567 122 4 Two two CD www-sonatype-com-3567 122 5 trojanized trojanize VBD www-sonatype-com-3567 122 6 Python Python NNP www-sonatype-com-3567 122 7 libraries library NNS www-sonatype-com-3567 122 8 were be VBD www-sonatype-com-3567 122 9 caught catch VBN www-sonatype-com-3567 122 10 stealing steal VBG www-sonatype-com-3567 122 11 SSH SSH NNP www-sonatype-com-3567 122 12 and and CC www-sonatype-com-3567 122 13 GPG GPG NNP www-sonatype-com-3567 122 14 keys key NNS www-sonatype-com-3567 122 15 from from IN www-sonatype-com-3567 122 16 the the DT www-sonatype-com-3567 122 17 projects project NNS www-sonatype-com-3567 122 18 or or CC www-sonatype-com-3567 122 19 infected infect VBN www-sonatype-com-3567 122 20 developers developer NNS www-sonatype-com-3567 122 21 . . . 
www-sonatype-com-3567 123 1 1337qq 1337qq NNP www-sonatype-com-3567 123 2 - - : www-sonatype-com-3567 123 3 js js NN www-sonatype-com-3567 123 4 The the DT www-sonatype-com-3567 123 5 malicious malicious JJ www-sonatype-com-3567 123 6 npm npm NN www-sonatype-com-3567 123 7 package package NN www-sonatype-com-3567 123 8 exfiltrates exfiltrate VBZ www-sonatype-com-3567 123 9 sensitive sensitive JJ www-sonatype-com-3567 123 10 information information NN www-sonatype-com-3567 123 11 such such JJ www-sonatype-com-3567 123 12 as as IN www-sonatype-com-3567 123 13 hard hard RB www-sonatype-com-3567 123 14 - - HYPH www-sonatype-com-3567 123 15 coded code VBN www-sonatype-com-3567 123 16 passwords password NNS www-sonatype-com-3567 123 17 or or CC www-sonatype-com-3567 123 18 API api NN www-sonatype-com-3567 123 19 access access NN www-sonatype-com-3567 123 20 tokens token NNS www-sonatype-com-3567 123 21 through through IN www-sonatype-com-3567 123 22 install install NN www-sonatype-com-3567 123 23 scripts script NNS www-sonatype-com-3567 123 24 and and CC www-sonatype-com-3567 123 25 targets target NNS www-sonatype-com-3567 123 26 UNIX UNIX NNP www-sonatype-com-3567 123 27 systems system NNS www-sonatype-com-3567 123 28 only only RB www-sonatype-com-3567 123 29 . . . www-sonatype-com-3567 124 1 Hundreds hundred NNS www-sonatype-com-3567 124 2 of of IN www-sonatype-com-3567 124 3 RubyGems RubyGems NNP www-sonatype-com-3567 124 4 packages package NNS www-sonatype-com-3567 124 5 yanked yank VBN www-sonatype-com-3567 124 6 from from IN www-sonatype-com-3567 124 7 the the DT www-sonatype-com-3567 124 8 public public JJ www-sonatype-com-3567 124 9 repository repository NN www-sonatype-com-3567 124 10 as as IN www-sonatype-com-3567 124 11 a a DT www-sonatype-com-3567 124 12 result result NN www-sonatype-com-3567 124 13 of of IN www-sonatype-com-3567 124 14 typosquatting typosquatte VBG www-sonatype-com-3567 124 15 concerns concern NNS www-sonatype-com-3567 124 16 . . . 
www-sonatype-com-3567 125 1 atlas atlas NNP www-sonatype-com-3567 125 2 - - HYPH www-sonatype-com-3567 125 3 client client NN www-sonatype-com-3567 125 4 400 400 CD www-sonatype-com-3567 125 5 gems gem NNS www-sonatype-com-3567 125 6 were be VBD www-sonatype-com-3567 125 7 removed remove VBN www-sonatype-com-3567 125 8 from from IN www-sonatype-com-3567 125 9 the the DT www-sonatype-com-3567 125 10 public public JJ www-sonatype-com-3567 125 11 repository repository NN www-sonatype-com-3567 125 12 for for IN www-sonatype-com-3567 125 13 typosquatting typosquatting NN www-sonatype-com-3567 125 14 and and CC www-sonatype-com-3567 125 15 crypto crypto NN www-sonatype-com-3567 125 16 mining mining NN www-sonatype-com-3567 125 17 malware malware NNP www-sonatype-com-3567 125 18 . . . www-sonatype-com-3567 126 1 They -PRON- PRP www-sonatype-com-3567 126 2 include include VBP www-sonatype-com-3567 126 3 “ " `` www-sonatype-com-3567 126 4 atlas atlas NNP www-sonatype-com-3567 126 5 - - HYPH www-sonatype-com-3567 126 6 client client NN www-sonatype-com-3567 126 7 ” " '' www-sonatype-com-3567 126 8 ( ( -LRB- www-sonatype-com-3567 126 9 downloaded download VBN www-sonatype-com-3567 126 10 2,100 2,100 CD www-sonatype-com-3567 126 11 times time NNS www-sonatype-com-3567 126 12 by by IN www-sonatype-com-3567 126 13 developers developer NNS www-sonatype-com-3567 126 14 ) ) -RRB- www-sonatype-com-3567 126 15 . . . 
www-sonatype-com-3567 127 1 Octopus Octopus NNP www-sonatype-com-3567 127 2 Scanner Scanner NNP www-sonatype-com-3567 127 3 26 26 CD www-sonatype-com-3567 127 4 open open JJ www-sonatype-com-3567 127 5 source source NN www-sonatype-com-3567 127 6 packages package NNS www-sonatype-com-3567 127 7 were be VBD www-sonatype-com-3567 127 8 found find VBN www-sonatype-com-3567 127 9 to to TO www-sonatype-com-3567 127 10 be be VB www-sonatype-com-3567 127 11 compromised compromise VBN www-sonatype-com-3567 127 12 through through IN www-sonatype-com-3567 127 13 malicious malicious JJ www-sonatype-com-3567 127 14 code code NN www-sonatype-com-3567 127 15 injection injection NN www-sonatype-com-3567 127 16 . . . www-sonatype-com-3567 128 1 The the DT www-sonatype-com-3567 128 2 malware malware NN www-sonatype-com-3567 128 3 was be VBD www-sonatype-com-3567 128 4 designed design VBN www-sonatype-com-3567 128 5 to to TO www-sonatype-com-3567 128 6 enumerate enumerate VB www-sonatype-com-3567 128 7 and and CC www-sonatype-com-3567 128 8 back back VB www-sonatype-com-3567 128 9 door door NN www-sonatype-com-3567 128 10 NetBeans netbean NNS www-sonatype-com-3567 128 11 projects project NNS www-sonatype-com-3567 128 12 through through IN www-sonatype-com-3567 128 13 the the DT www-sonatype-com-3567 128 14 NetBeans NetBeans NNP www-sonatype-com-3567 128 15 IDE IDE NNP www-sonatype-com-3567 128 16 . . . 
www-sonatype-com-3567 129 1 FIGURE FIGURE NNP www-sonatype-com-3567 129 2 1D 1D NNP www-sonatype-com-3567 129 3 Software Software NNP www-sonatype-com-3567 129 4 Supply Supply NNP www-sonatype-com-3567 129 5 Chain Chain NNP www-sonatype-com-3567 129 6 Attacks Attacks NNPS www-sonatype-com-3567 129 7 , , , www-sonatype-com-3567 129 8 July July NNP www-sonatype-com-3567 129 9 2017 2017 CD www-sonatype-com-3567 129 10 to to IN www-sonatype-com-3567 129 11 July July NNP www-sonatype-com-3567 129 12 2020 2020 CD www-sonatype-com-3567 129 13 92020 92020 CD www-sonatype-com-3567 129 14 STATE STATE NNP www-sonatype-com-3567 129 15 OF of IN www-sonatype-com-3567 129 16 THE the DT www-sonatype-com-3567 129 17 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 129 18 SUPPLY supply NN www-sonatype-com-3567 129 19 CHAIN chain NN www-sonatype-com-3567 129 20 REPORT report NN www-sonatype-com-3567 129 21 C c NN www-sonatype-com-3567 129 22 H h NN www-sonatype-com-3567 129 23 A a NN www-sonatype-com-3567 129 24 P p NN www-sonatype-com-3567 129 25 T t NN www-sonatype-com-3567 129 26 E e NN www-sonatype-com-3567 129 27 R r NN www-sonatype-com-3567 129 28 1 1 CD www-sonatype-com-3567 129 29 : : : www-sonatype-com-3567 129 30 O o NN www-sonatype-com-3567 129 31 P p NN www-sonatype-com-3567 129 32 E e NN www-sonatype-com-3567 129 33 N n NN www-sonatype-com-3567 129 34 S s NN www-sonatype-com-3567 129 35 E e NN www-sonatype-com-3567 129 36 A a NN www-sonatype-com-3567 129 37 S s NN www-sonatype-com-3567 129 38 O o NN www-sonatype-com-3567 129 39 N n NN www-sonatype-com-3567 129 40 O o NN www-sonatype-com-3567 129 41 N n NN www-sonatype-com-3567 129 42 O o NN www-sonatype-com-3567 129 43 P p NN www-sonatype-com-3567 129 44 E e NN www-sonatype-com-3567 129 45 N n NN www-sonatype-com-3567 129 46 S s NN www-sonatype-com-3567 129 47 O o NN www-sonatype-com-3567 129 48 U u NN www-sonatype-com-3567 129 49 R r NN www-sonatype-com-3567 129 50 C c NN www-sonatype-com-3567 129 51 E e NN 
www-sonatype-com-3567 129 52 Time time NN www-sonatype-com-3567 129 53 to to IN www-sonatype-com-3567 129 54 Remediate Remediate NNP www-sonatype-com-3567 129 55 Known Known NNP www-sonatype-com-3567 129 56 OSS oss NN www-sonatype-com-3567 129 57 Vulnerabilities vulnerability NNS www-sonatype-com-3567 129 58 After after IN www-sonatype-com-3567 129 59 Detection detection NN www-sonatype-com-3567 129 60 Less Less JJR www-sonatype-com-3567 129 61 than than IN www-sonatype-com-3567 129 62 1 1 CD www-sonatype-com-3567 129 63 hour hour NN www-sonatype-com-3567 129 64 Less Less JJR www-sonatype-com-3567 129 65 than than IN www-sonatype-com-3567 129 66 1 1 CD www-sonatype-com-3567 129 67 day day NN www-sonatype-com-3567 129 68 Between between IN www-sonatype-com-3567 129 69 1 1 CD www-sonatype-com-3567 129 70 day day NN www-sonatype-com-3567 129 71 and and CC www-sonatype-com-3567 129 72 1 1 CD www-sonatype-com-3567 129 73 week week NN www-sonatype-com-3567 129 74 Between between IN www-sonatype-com-3567 129 75 1 1 CD www-sonatype-com-3567 129 76 week week NN www-sonatype-com-3567 129 77 and and CC www-sonatype-com-3567 129 78 1 1 CD www-sonatype-com-3567 129 79 month month NN www-sonatype-com-3567 129 80 Between between IN www-sonatype-com-3567 129 81 1 1 CD www-sonatype-com-3567 129 82 month month NN www-sonatype-com-3567 129 83 and and CC www-sonatype-com-3567 129 84 6 6 CD www-sonatype-com-3567 129 85 months month NNS www-sonatype-com-3567 129 86 More More JJR www-sonatype-com-3567 129 87 than than IN www-sonatype-com-3567 129 88 6 6 CD www-sonatype-com-3567 129 89 months month NNS www-sonatype-com-3567 129 90 It -PRON- PRP www-sonatype-com-3567 129 91 is be VBZ www-sonatype-com-3567 129 92 never never RB www-sonatype-com-3567 129 93 fixed fix VBN www-sonatype-com-3567 129 94 2 2 CD www-sonatype-com-3567 129 95 % % NN www-sonatype-com-3567 129 96 3%4 3%4 CD www-sonatype-com-3567 129 97 % % NN www-sonatype-com-3567 129 98 17 17 CD www-sonatype-com-3567 129 99 % % NN 
www-sonatype-com-3567 129 100 26 26 CD www-sonatype-com-3567 129 101 % % NN www-sonatype-com-3567 129 102 35 35 CD www-sonatype-com-3567 129 103 % % NN www-sonatype-com-3567 129 104 12 12 CD www-sonatype-com-3567 129 105 % % NN www-sonatype-com-3567 129 106 51 51 CD www-sonatype-com-3567 129 107 % % NN www-sonatype-com-3567 129 108 remediate remediate NN www-sonatype-com-3567 129 109 between between IN www-sonatype-com-3567 129 110 1 1 CD www-sonatype-com-3567 129 111 week week NN www-sonatype-com-3567 129 112 and and CC www-sonatype-com-3567 129 113 never never RB www-sonatype-com-3567 129 114 . . . www-sonatype-com-3567 130 1 Speed speed NN www-sonatype-com-3567 130 2 Remains remain VBZ www-sonatype-com-3567 130 3 Critical critical JJ www-sonatype-com-3567 130 4 When when WRB www-sonatype-com-3567 130 5 Responding respond VBG www-sonatype-com-3567 130 6 to to IN www-sonatype-com-3567 130 7 Legacy Legacy NNP www-sonatype-com-3567 130 8 Software Software NNP www-sonatype-com-3567 130 9 Supply Supply NNP www-sonatype-com-3567 130 10 Chain chain NN www-sonatype-com-3567 130 11 Attacks attack NNS www-sonatype-com-3567 130 12 While while IN www-sonatype-com-3567 130 13 bad bad JJ www-sonatype-com-3567 130 14 actors actor NNS www-sonatype-com-3567 130 15 are be VBP www-sonatype-com-3567 130 16 increasingly increasingly RB www-sonatype-com-3567 130 17 shifting shift VBG www-sonatype-com-3567 130 18 their -PRON- PRP$ www-sonatype-com-3567 130 19 attention attention NN www-sonatype-com-3567 130 20 upstream upstream NN www-sonatype-com-3567 130 21 , , , www-sonatype-com-3567 130 22 it -PRON- PRP www-sonatype-com-3567 130 23 is be VBZ www-sonatype-com-3567 130 24 critical critical JJ www-sonatype-com-3567 130 25 to to TO www-sonatype-com-3567 130 26 understand understand VB www-sonatype-com-3567 130 27 and and CC www-sonatype-com-3567 130 28 manage manage VB www-sonatype-com-3567 130 29 the the DT www-sonatype-com-3567 130 30 software software NN www-sonatype-com-3567 130 31 
supply supply NN www-sonatype-com-3567 130 32 chain chain NN www-sonatype-com-3567 130 33 threats threat NNS www-sonatype-com-3567 130 34 that that WDT www-sonatype-com-3567 130 35 remain remain VBP www-sonatype-com-3567 130 36 prominent prominent JJ www-sonatype-com-3567 130 37 downstream downstream NN www-sonatype-com-3567 130 38 . . . www-sonatype-com-3567 131 1 Specifically specifically RB www-sonatype-com-3567 131 2 , , , www-sonatype-com-3567 131 3 organi- organi- NN www-sonatype-com-3567 131 4 zations zation NNS www-sonatype-com-3567 131 5 must must MD www-sonatype-com-3567 131 6 establish establish VB www-sonatype-com-3567 131 7 a a DT www-sonatype-com-3567 131 8 “ " `` www-sonatype-com-3567 131 9 rapid rapid JJ www-sonatype-com-3567 131 10 upgrade upgrade NN www-sonatype-com-3567 131 11 posture posture NN www-sonatype-com-3567 131 12 ” " '' www-sonatype-com-3567 131 13 so so IN www-sonatype-com-3567 131 14 they -PRON- PRP www-sonatype-com-3567 131 15 can can MD www-sonatype-com-3567 131 16 respond respond VB www-sonatype-com-3567 131 17 quickly quickly RB www-sonatype-com-3567 131 18 to to IN www-sonatype-com-3567 131 19 new new JJ www-sonatype-com-3567 131 20 zero zero CD www-sonatype-com-3567 131 21 - - HYPH www-sonatype-com-3567 131 22 day day NN www-sonatype-com-3567 131 23 disclo- disclo- NN www-sonatype-com-3567 131 24 sures sure NNS www-sonatype-com-3567 131 25 by by IN www-sonatype-com-3567 131 26 finding find VBG www-sonatype-com-3567 131 27 and and CC www-sonatype-com-3567 131 28 fixing fix VBG www-sonatype-com-3567 131 29 vulnerable vulnerable JJ www-sonatype-com-3567 131 30 open open JJ www-sonatype-com-3567 131 31 source source NN www-sonatype-com-3567 131 32 dependencies dependency NNS www-sonatype-com-3567 131 33 in in IN www-sonatype-com-3567 131 34 production production NN www-sonatype-com-3567 131 35 applications application NNS www-sonatype-com-3567 131 36 . . . 
www-sonatype-com-3567 132 1 Perhaps perhaps RB www-sonatype-com-3567 132 2 the the DT www-sonatype-com-3567 132 3 best good JJS www-sonatype-com-3567 132 4 example example NN www-sonatype-com-3567 132 5 of of IN www-sonatype-com-3567 132 6 why why WRB www-sonatype-com-3567 132 7 this this DT www-sonatype-com-3567 132 8 hygiene hygiene NN www-sonatype-com-3567 132 9 is be VBZ www-sonatype-com-3567 132 10 so so RB www-sonatype-com-3567 132 11 critical critical JJ www-sonatype-com-3567 132 12 is be VBZ www-sonatype-com-3567 132 13 the the DT www-sonatype-com-3567 132 14 Equifax Equifax NNP www-sonatype-com-3567 132 15 breach breach NN www-sonatype-com-3567 132 16 that that WDT www-sonatype-com-3567 132 17 began begin VBD www-sonatype-com-3567 132 18 in in IN www-sonatype-com-3567 132 19 March March NNP www-sonatype-com-3567 132 20 2017 2017 CD www-sonatype-com-3567 132 21 . . . www-sonatype-com-3567 133 1 Following follow VBG www-sonatype-com-3567 133 2 public public JJ www-sonatype-com-3567 133 3 disclosure disclosure NN www-sonatype-com-3567 133 4 from from IN www-sonatype-com-3567 133 5 the the DT www-sonatype-com-3567 133 6 Apache Apache NNP www-sonatype-com-3567 133 7 Foundation Foundation NNP www-sonatype-com-3567 133 8 pertaining pertain VBG www-sonatype-com-3567 133 9 to to IN www-sonatype-com-3567 133 10 a a DT www-sonatype-com-3567 133 11 severe severe JJ www-sonatype-com-3567 133 12 vulnerability vulnerability NN www-sonatype-com-3567 133 13 in in IN www-sonatype-com-3567 133 14 the the DT www-sonatype-com-3567 133 15 popular popular JJ www-sonatype-com-3567 133 16 Struts2 Struts2 NNP www-sonatype-com-3567 133 17 Framework Framework NNP www-sonatype-com-3567 133 18 , , , www-sonatype-com-3567 133 19 adversaries adversary NNS www-sonatype-com-3567 133 20 sprang spring VBD www-sonatype-com-3567 133 21 into into IN www-sonatype-com-3567 133 22 action action NN www-sonatype-com-3567 133 23 and and CC www-sonatype-com-3567 133 24 began begin VBD 
www-sonatype-com-3567 133 25 exploiting exploit VBG www-sonatype-com-3567 133 26 the the DT www-sonatype-com-3567 133 27 newly newly RB www-sonatype-com-3567 133 28 - - HYPH www-sonatype-com-3567 133 29 known know VBN www-sonatype-com-3567 133 30 defect defect NN www-sonatype-com-3567 133 31 within within IN www-sonatype-com-3567 133 32 72 72 CD www-sonatype-com-3567 133 33 hours hour NNS www-sonatype-com-3567 133 34 , , , www-sonatype-com-3567 133 35 well well RB www-sonatype-com-3567 133 36 before before IN www-sonatype-com-3567 133 37 many many JJ www-sonatype-com-3567 133 38 commer- commer- JJ www-sonatype-com-3567 133 39 cial cial JJ www-sonatype-com-3567 133 40 IT it NN www-sonatype-com-3567 133 41 teams team NNS www-sonatype-com-3567 133 42 ( ( -LRB- www-sonatype-com-3567 133 43 including include VBG www-sonatype-com-3567 133 44 Equifax Equifax NNP www-sonatype-com-3567 133 45 ) ) -RRB- www-sonatype-com-3567 133 46 could could MD www-sonatype-com-3567 133 47 respond respond VB www-sonatype-com-3567 133 48 and and CC www-sonatype-com-3567 133 49 update update VB www-sonatype-com-3567 133 50 their -PRON- PRP$ www-sonatype-com-3567 133 51 frameworks framework NNS www-sonatype-com-3567 133 52 . . . 
www-sonatype-com-3567 134 1 This this DT www-sonatype-com-3567 134 2 remarkably remarkably RB www-sonatype-com-3567 134 3 small small JJ www-sonatype-com-3567 134 4 window window NN www-sonatype-com-3567 134 5 to to TO www-sonatype-com-3567 134 6 respond respond VB www-sonatype-com-3567 134 7 led lead VBD www-sonatype-com-3567 134 8 to to IN www-sonatype-com-3567 134 9 numerous numerous JJ www-sonatype-com-3567 134 10 high high JJ www-sonatype-com-3567 134 11 - - HYPH www-sonatype-com-3567 134 12 profile profile NN www-sonatype-com-3567 134 13 breaches breach NNS www-sonatype-com-3567 134 14 , , , www-sonatype-com-3567 134 15 including include VBG www-sonatype-com-3567 134 16 Canada Canada NNP www-sonatype-com-3567 134 17 Statistics Statistics NNP www-sonatype-com-3567 134 18 , , , www-sonatype-com-3567 134 19 Canada Canada NNP www-sonatype-com-3567 134 20 Revenue Revenue NNP www-sonatype-com-3567 134 21 , , , www-sonatype-com-3567 134 22 the the DT www-sonatype-com-3567 134 23 GMO GMO NNP www-sonatype-com-3567 134 24 Payment Payment NNP www-sonatype-com-3567 134 25 Gateway Gateway NNP www-sonatype-com-3567 134 26 , , , www-sonatype-com-3567 134 27 Okinawa Okinawa NNP www-sonatype-com-3567 134 28 Power Power NNP www-sonatype-com-3567 134 29 , , , www-sonatype-com-3567 134 30 Japan Japan NNP www-sonatype-com-3567 134 31 Post Post NNP www-sonatype-com-3567 134 32 , , , www-sonatype-com-3567 134 33 India India NNP www-sonatype-com-3567 134 34 Post Post NNP www-sonatype-com-3567 134 35 , , , www-sonatype-com-3567 134 36 and and CC www-sonatype-com-3567 134 37 India India NNP www-sonatype-com-3567 134 38 ’s ’s POS www-sonatype-com-3567 134 39 AADHAAR AADHAAR NNP www-sonatype-com-3567 134 40 digital digital JJ www-sonatype-com-3567 134 41 identification identification NN www-sonatype-com-3567 134 42 system system NN www-sonatype-com-3567 134 43 . . . 
www-sonatype-com-3567 135 1 A a DT www-sonatype-com-3567 135 2 similar similar JJ www-sonatype-com-3567 135 3 exploit exploit NN www-sonatype-com-3567 135 4 timeline timeline NN www-sonatype-com-3567 135 5 played play VBD www-sonatype-com-3567 135 6 out out RP www-sonatype-com-3567 135 7 with with IN www-sonatype-com-3567 135 8 SaltStack SaltStack NNP www-sonatype-com-3567 135 9 this this DT www-sonatype-com-3567 135 10 year year NN www-sonatype-com-3567 135 11 . . . www-sonatype-com-3567 136 1 Vulnerabilities vulnerability NNS www-sonatype-com-3567 136 2 discovered discover VBD www-sonatype-com-3567 136 3 in in IN www-sonatype-com-3567 136 4 the the DT www-sonatype-com-3567 136 5 open open JJ www-sonatype-com-3567 136 6 source source NN www-sonatype-com-3567 136 7 application application NN www-sonatype-com-3567 136 8 were be VBD www-sonatype-com-3567 136 9 announced announce VBN www-sonatype-com-3567 136 10 on on IN www-sonatype-com-3567 136 11 April April NNP www-sonatype-com-3567 136 12 29th 29th NN www-sonatype-com-3567 136 13 — — : www-sonatype-com-3567 136 14 along along IN www-sonatype-com-3567 136 15 with with IN www-sonatype-com-3567 136 16 safer safe JJR www-sonatype-com-3567 136 17 , , , www-sonatype-com-3567 136 18 fixed fix VBN www-sonatype-com-3567 136 19 versions version NNS www-sonatype-com-3567 136 20 . . . 
www-sonatype-com-3567 137 1 Within within IN www-sonatype-com-3567 137 2 three three CD www-sonatype-com-3567 137 3 days day NNS www-sonatype-com-3567 137 4 , , , www-sonatype-com-3567 137 5 26 26 CD www-sonatype-com-3567 137 6 organizations organization NNS www-sonatype-com-3567 137 7 that that WDT www-sonatype-com-3567 137 8 had have VBD www-sonatype-com-3567 137 9 not not RB www-sonatype-com-3567 137 10 updated update VBN www-sonatype-com-3567 137 11 SaltStack SaltStack NNP www-sonatype-com-3567 137 12 lost lose VBD www-sonatype-com-3567 137 13 control control NN www-sonatype-com-3567 137 14 of of IN www-sonatype-com-3567 137 15 their -PRON- PRP$ www-sonatype-com-3567 137 16 application application NN www-sonatype-com-3567 137 17 to to IN www-sonatype-com-3567 137 18 adversaries adversary NNS www-sonatype-com-3567 137 19 ( ( -LRB- www-sonatype-com-3567 137 20 FIGURE FIGURE NNP www-sonatype-com-3567 137 21 1F).19 1f).19 CD www-sonatype-com-3567 137 22 The the DT www-sonatype-com-3567 137 23 window window NN www-sonatype-com-3567 137 24 of of IN www-sonatype-com-3567 137 25 exploitability exploitability NN www-sonatype-com-3567 137 26 — — : www-sonatype-com-3567 137 27 once once IN www-sonatype-com-3567 137 28 vulnerabil- vulnerabil- JJ www-sonatype-com-3567 137 29 ities itie NNS www-sonatype-com-3567 137 30 are be VBP www-sonatype-com-3567 137 31 disclosed disclose VBN www-sonatype-com-3567 137 32 — — : www-sonatype-com-3567 137 33 is be VBZ www-sonatype-com-3567 137 34 critical critical JJ www-sonatype-com-3567 137 35 for for IN www-sonatype-com-3567 137 36 enterprises enterprise NNS www-sonatype-com-3567 137 37 to to TO www-sonatype-com-3567 137 38 understand understand VB www-sonatype-com-3567 137 39 . . . 
www-sonatype-com-3567 138 1 Our -PRON- PRP$ www-sonatype-com-3567 138 2 2020 2020 CD www-sonatype-com-3567 138 3 survey survey NN www-sonatype-com-3567 138 4 of of IN www-sonatype-com-3567 138 5 679 679 CD www-sonatype-com-3567 138 6 develop- develop- NN www-sonatype-com-3567 138 7 ment ment JJ www-sonatype-com-3567 138 8 professionals professional NNS www-sonatype-com-3567 138 9 revealed reveal VBD www-sonatype-com-3567 138 10 that that IN www-sonatype-com-3567 138 11 only only RB www-sonatype-com-3567 138 12 17 17 CD www-sonatype-com-3567 138 13 % % NN www-sonatype-com-3567 138 14 of of IN www-sonatype-com-3567 138 15 organizations organization NNS www-sonatype-com-3567 138 16 become become VBP www-sonatype-com-3567 138 17 aware aware JJ www-sonatype-com-3567 138 18 of of IN www-sonatype-com-3567 138 19 new new JJ www-sonatype-com-3567 138 20 open open JJ www-sonatype-com-3567 138 21 source source NN www-sonatype-com-3567 138 22 vulnerabilities vulnerability NNS www-sonatype-com-3567 138 23 within within IN www-sonatype-com-3567 138 24 a a DT www-sonatype-com-3567 138 25 day day NN www-sonatype-com-3567 138 26 of of IN www-sonatype-com-3567 138 27 public public JJ www-sonatype-com-3567 138 28 disclosure disclosure NN www-sonatype-com-3567 138 29 . . . 
www-sonatype-com-3567 139 1 Thirty thirty CD www-sonatype-com-3567 139 2 five five CD www-sonatype-com-3567 139 3 percent percent NN www-sonatype-com-3567 139 4 ( ( -LRB- www-sonatype-com-3567 139 5 35 35 CD www-sonatype-com-3567 139 6 % % NN www-sonatype-com-3567 139 7 ) ) -RRB- www-sonatype-com-3567 139 8 find find VBP www-sonatype-com-3567 139 9 out out RP www-sonatype-com-3567 139 10 within within IN www-sonatype-com-3567 139 11 one one CD www-sonatype-com-3567 139 12 to to TO www-sonatype-com-3567 139 13 seven seven CD www-sonatype-com-3567 139 14 days day NNS www-sonatype-com-3567 139 15 , , , www-sonatype-com-3567 139 16 and and CC www-sonatype-com-3567 139 17 the the DT www-sonatype-com-3567 139 18 remaining remain VBG www-sonatype-com-3567 139 19 48 48 CD www-sonatype-com-3567 139 20 % % NN www-sonatype-com-3567 139 21 become become VBP www-sonatype-com-3567 139 22 aware aware JJ www-sonatype-com-3567 139 23 of of IN www-sonatype-com-3567 139 24 new new JJ www-sonatype-com-3567 139 25 vulnerabilities vulnerability NNS www-sonatype-com-3567 139 26 after after IN www-sonatype-com-3567 139 27 a a DT www-sonatype-com-3567 139 28 week week NN www-sonatype-com-3567 139 29 ’s ’s POS www-sonatype-com-3567 139 30 time time NN www-sonatype-com-3567 139 31 . . . 
www-sonatype-com-3567 140 1 Once once IN www-sonatype-com-3567 140 2 an an DT www-sonatype-com-3567 140 3 organization organization NN www-sonatype-com-3567 140 4 becomes become VBZ www-sonatype-com-3567 140 5 aware aware JJ www-sonatype-com-3567 140 6 of of IN www-sonatype-com-3567 140 7 a a DT www-sonatype-com-3567 140 8 new new JJ www-sonatype-com-3567 140 9 open open JJ www-sonatype-com-3567 140 10 source source NN www-sonatype-com-3567 140 11 vulnerability vulnerability NN www-sonatype-com-3567 140 12 , , , www-sonatype-com-3567 140 13 mitigating mitigate VBG www-sonatype-com-3567 140 14 actions action NNS www-sonatype-com-3567 140 15 can can MD www-sonatype-com-3567 140 16 begin begin VB www-sonatype-com-3567 140 17 . . . www-sonatype-com-3567 141 1 The the DT www-sonatype-com-3567 141 2 same same JJ www-sonatype-com-3567 141 3 survey survey NN www-sonatype-com-3567 141 4 revealed reveal VBD www-sonatype-com-3567 141 5 that that IN www-sonatype-com-3567 141 6 51 51 CD www-sonatype-com-3567 141 7 % % NN www-sonatype-com-3567 141 8 of of IN www-sonatype-com-3567 141 9 participants participant NNS www-sonatype-com-3567 141 10 required require VBN www-sonatype-com-3567 141 11 more more JJR www-sonatype-com-3567 141 12 than than IN www-sonatype-com-3567 141 13 a a DT www-sonatype-com-3567 141 14 week week NN www-sonatype-com-3567 141 15 to to TO www-sonatype-com-3567 141 16 respond respond VB www-sonatype-com-3567 141 17 ( ( -LRB- www-sonatype-com-3567 141 18 FIGURE FIGURE NNP www-sonatype-com-3567 141 19 1E 1e NN www-sonatype-com-3567 141 20 ) ) -RRB- www-sonatype-com-3567 141 21 . . . 
www-sonatype-com-3567 142 1 This this DT www-sonatype-com-3567 142 2 means mean VBZ www-sonatype-com-3567 142 3 that that IN www-sonatype-com-3567 142 4 adversaries adversary NNS www-sonatype-com-3567 142 5 averaging average VBG www-sonatype-com-3567 142 6 three three CD www-sonatype-com-3567 142 7 days day NNS www-sonatype-com-3567 142 8 to to TO www-sonatype-com-3567 142 9 exploit exploit VB www-sonatype-com-3567 142 10 newly newly RB www-sonatype-com-3567 142 11 disclosed disclose VBN www-sonatype-com-3567 142 12 vulnerabilities vulnerability NNS www-sonatype-com-3567 142 13 hold hold VBP www-sonatype-com-3567 142 14 an an DT www-sonatype-com-3567 142 15 advantage advantage NN www-sonatype-com-3567 142 16 over over IN www-sonatype-com-3567 142 17 half half PDT www-sonatype-com-3567 142 18 their -PRON- PRP$ www-sonatype-com-3567 142 19 enterprise enterprise NN www-sonatype-com-3567 142 20 targets target NNS www-sonatype-com-3567 142 21 . . . www-sonatype-com-3567 143 1 With with IN www-sonatype-com-3567 143 2 a a DT www-sonatype-com-3567 143 3 better well JJR www-sonatype-com-3567 143 4 understanding understanding NN www-sonatype-com-3567 143 5 of of IN www-sonatype-com-3567 143 6 adversaries adversary NNS www-sonatype-com-3567 143 7 attack attack VBP www-sonatype-com-3567 143 8 vectors vector NNS www-sonatype-com-3567 143 9 on on IN www-sonatype-com-3567 143 10 software software NN www-sonatype-com-3567 143 11 supply supply NN www-sonatype-com-3567 143 12 chains chain NNS www-sonatype-com-3567 143 13 , , , www-sonatype-com-3567 143 14 our -PRON- PRP$ www-sonatype-com-3567 143 15 next next JJ www-sonatype-com-3567 143 16 chapter chapter NN www-sonatype-com-3567 143 17 will will MD www-sonatype-com-3567 143 18 shed shed VB www-sonatype-com-3567 143 19 light light NN www-sonatype-com-3567 143 20 on on IN www-sonatype-com-3567 143 21 the the DT www-sonatype-com-3567 143 22 industry industry NN www-sonatype-com-3567 143 23 ’s ’s POS www-sonatype-com-3567 143 24 
growing grow VBG www-sonatype-com-3567 143 25 supply supply NN www-sonatype-com-3567 143 26 of of IN www-sonatype-com-3567 143 27 and and CC www-sonatype-com-3567 143 28 insatiable insatiable JJ www-sonatype-com-3567 143 29 demand demand NN www-sonatype-com-3567 143 30 for for IN www-sonatype-com-3567 143 31 open open JJ www-sonatype-com-3567 143 32 source source NN www-sonatype-com-3567 143 33 components component NNS www-sonatype-com-3567 143 34 . . . www-sonatype-com-3567 144 1 ■ ■ NFP www-sonatype-com-3567 144 2 FIGURE FIGURE NNP www-sonatype-com-3567 144 3 1E 1E NNP www-sonatype-com-3567 144 4 Time time NN www-sonatype-com-3567 144 5 to to IN www-sonatype-com-3567 144 6 Remediate Remediate NNP www-sonatype-com-3567 144 7 Known Known NNP www-sonatype-com-3567 144 8 OSS oss NN www-sonatype-com-3567 144 9 Vulnerabilities vulnerability NNS www-sonatype-com-3567 144 10 After after IN www-sonatype-com-3567 144 11 Detection detection NN 
www-sonatype-com-3567 144 51 FIGURE figure NN www-sonatype-com-3567 144 52 1F 1F NNS www-sonatype-com-3567 144 53 Adversaries Adversaries NNPS www-sonatype-com-3567 144 54 exploited exploit VBD www-sonatype-com-3567 144 55 open open JJ www-sonatype-com-3567 144 56 source source NN www-sonatype-com-3567 144 57 vulnerabilities vulnerability NNS www-sonatype-com-3567 144 58 within within IN www-sonatype-com-3567 144 59 3 3 CD www-sonatype-com-3567 144 60 days day NNS www-sonatype-com-3567 144 61 of of IN www-sonatype-com-3567 144 62 disclosure disclosure NN www-sonatype-com-3567 144 63 . . . www-sonatype-com-3567 145 1 26 26 CD www-sonatype-com-3567 145 2 organizations organization NNS www-sonatype-com-3567 145 3 breached breach VBN www-sonatype-com-3567 145 4 in in IN www-sonatype-com-3567 145 5 May May NNP www-sonatype-com-3567 145 6 2020 2020 CD www-sonatype-com-3567 145 7 . . . 
www-sonatype-com-3567 146 1 MARCH MARCH NNP www-sonatype-com-3567 146 2 12 12 CD www-sonatype-com-3567 146 3 Vulnerability Vulnerability NNP www-sonatype-com-3567 146 4 found find VBD www-sonatype-com-3567 146 5 in in IN www-sonatype-com-3567 146 6 SaltStack SaltStack NNP www-sonatype-com-3567 146 7 open open JJ www-sonatype-com-3567 146 8 source source NN www-sonatype-com-3567 146 9 configuration configuration NN www-sonatype-com-3567 146 10 framework framework NN www-sonatype-com-3567 146 11 , , , www-sonatype-com-3567 146 12 available available JJ www-sonatype-com-3567 146 13 as as IN www-sonatype-com-3567 146 14 a a DT www-sonatype-com-3567 146 15 PyPI pypi NN www-sonatype-com-3567 146 16 package package NN www-sonatype-com-3567 146 17 . . . www-sonatype-com-3567 147 1 According accord VBG www-sonatype-com-3567 147 2 to to IN www-sonatype-com-3567 147 3 Flexera Flexera NNP www-sonatype-com-3567 147 4 , , , www-sonatype-com-3567 147 5 Salt Salt NNP www-sonatype-com-3567 147 6 is be VBZ www-sonatype-com-3567 147 7 used use VBN www-sonatype-com-3567 147 8 by by IN www-sonatype-com-3567 147 9 around around IN www-sonatype-com-3567 147 10 17 17 CD www-sonatype-com-3567 147 11 percent percent NN www-sonatype-com-3567 147 12 of of IN www-sonatype-com-3567 147 13 organizations organization NNS www-sonatype-com-3567 147 14 with with IN www-sonatype-com-3567 147 15 cloud cloud NN www-sonatype-com-3567 147 16 deployments deployment NNS www-sonatype-com-3567 147 17 . . . 
www-sonatype-com-3567 150 1 MARCH MARCH NNP www-sonatype-com-3567 150 2 24 24 CD www-sonatype-com-3567 150 3 SaltStack SaltStack NNP www-sonatype-com-3567 150 4 confirms confirm VBZ www-sonatype-com-3567 150 5 receipt receipt NN www-sonatype-com-3567 150 6 of of IN www-sonatype-com-3567 150 7 vulnerability vulnerability NN www-sonatype-com-3567 150 8 report report NN www-sonatype-com-3567 150 9 . . . www-sonatype-com-3567 151 1 APRIL APRIL NNP www-sonatype-com-3567 151 2 15 15 CD www-sonatype-com-3567 151 3 F f NN www-sonatype-com-3567 151 4 - - HYPH www-sonatype-com-3567 151 5 secure secure JJ www-sonatype-com-3567 151 6 informs inform NNS www-sonatype-com-3567 151 7 SaltStack SaltStack NNP www-sonatype-com-3567 151 8 of of IN www-sonatype-com-3567 151 9 6,000 6,000 CD www-sonatype-com-3567 151 10 publicly publicly RB www-sonatype-com-3567 151 11 exposed expose VBN www-sonatype-com-3567 151 12 Salt Salt NNP www-sonatype-com-3567 151 13 Masters Masters NNP www-sonatype-com-3567 151 14 at at IN www-sonatype-com-3567 151 15 risk risk NN www-sonatype-com-3567 151 16 of of IN www-sonatype-com-3567 151 17 compromise compromise NN www-sonatype-com-3567 151 18 . . . 
www-sonatype-com-3567 152 1 APRIL APRIL NNP www-sonatype-com-3567 152 2 23 23 CD www-sonatype-com-3567 152 3 SaltStack SaltStack NNP www-sonatype-com-3567 152 4 publishes publish VBZ www-sonatype-com-3567 152 5 advance advance JJ www-sonatype-com-3567 152 6 notice notice NN www-sonatype-com-3567 152 7 to to IN www-sonatype-com-3567 152 8 their -PRON- PRP$ www-sonatype-com-3567 152 9 users user NNS www-sonatype-com-3567 152 10 urging urge VBG www-sonatype-com-3567 152 11 them -PRON- PRP www-sonatype-com-3567 152 12 not not RB www-sonatype-com-3567 152 13 to to TO www-sonatype-com-3567 152 14 expose expose VB www-sonatype-com-3567 152 15 Salt Salt NNP www-sonatype-com-3567 152 16 Masters Masters NNP www-sonatype-com-3567 152 17 to to IN www-sonatype-com-3567 152 18 the the DT www-sonatype-com-3567 152 19 internet internet NN www-sonatype-com-3567 152 20 and and CC www-sonatype-com-3567 152 21 prepare prepare VB www-sonatype-com-3567 152 22 to to TO www-sonatype-com-3567 152 23 apply apply VB www-sonatype-com-3567 152 24 patch patch NN www-sonatype-com-3567 152 25 on on IN www-sonatype-com-3567 152 26 April April NNP www-sonatype-com-3567 152 27 29th 29th NN www-sonatype-com-3567 152 28 . . . 
www-sonatype-com-3567 153 1 APRIL APRIL NNP www-sonatype-com-3567 153 2 29 29 CD www-sonatype-com-3567 153 3 SaltStack SaltStack NNP www-sonatype-com-3567 153 4 publishes publish VBZ www-sonatype-com-3567 153 5 version version NN www-sonatype-com-3567 153 6 3000.2 3000.2 CD www-sonatype-com-3567 153 7 and and CC www-sonatype-com-3567 153 8 2019.2.4 2019.2.4 CD www-sonatype-com-3567 153 9 to to TO www-sonatype-com-3567 153 10 fix fix VB www-sonatype-com-3567 153 11 issue issue NN www-sonatype-com-3567 153 12 and and CC www-sonatype-com-3567 153 13 shares share NNS www-sonatype-com-3567 153 14 identifiers identifier NNS www-sonatype-com-3567 153 15 : : : www-sonatype-com-3567 153 16 CVE-2020 CVE-2020 NNP www-sonatype-com-3567 153 17 - - HYPH www-sonatype-com-3567 153 18 11651 11651 CD www-sonatype-com-3567 153 19 and and CC www-sonatype-com-3567 153 20 CVE- CVE- NNP www-sonatype-com-3567 153 21 2020 2020 CD www-sonatype-com-3567 153 22 - - SYM www-sonatype-com-3567 153 23 11652 11652 CD www-sonatype-com-3567 153 24 . . . 
www-sonatype-com-3567 154 1 F F NNP www-sonatype-com-3567 154 2 - - HYPH www-sonatype-com-3567 154 3 Secure Secure NNP www-sonatype-com-3567 154 4 : : : www-sonatype-com-3567 154 5 “ " `` www-sonatype-com-3567 154 6 We -PRON- PRP www-sonatype-com-3567 154 7 expect expect VBP www-sonatype-com-3567 154 8 that that IN www-sonatype-com-3567 154 9 any any DT www-sonatype-com-3567 154 10 competent competent JJ www-sonatype-com-3567 154 11 hacker hacker NN www-sonatype-com-3567 154 12 will will MD www-sonatype-com-3567 154 13 be be VB www-sonatype-com-3567 154 14 able able JJ www-sonatype-com-3567 154 15 to to TO www-sonatype-com-3567 154 16 create create VB www-sonatype-com-3567 154 17 100 100 CD www-sonatype-com-3567 154 18 % % NN www-sonatype-com-3567 154 19 reliable reliable JJ www-sonatype-com-3567 154 20 exploits exploit NNS www-sonatype-com-3567 154 21 for for IN www-sonatype-com-3567 154 22 these these DT www-sonatype-com-3567 154 23 issues issue NNS www-sonatype-com-3567 154 24 in in IN www-sonatype-com-3567 154 25 under under IN www-sonatype-com-3567 154 26 24 24 CD www-sonatype-com-3567 154 27 hours hour NNS www-sonatype-com-3567 154 28 . . . 
www-sonatype-com-3567 154 29 ” " '' www-sonatype-com-3567 154 30 Coordinated Coordinated NNP www-sonatype-com-3567 154 31 Disclosure Disclosure NNP www-sonatype-com-3567 154 32 MAY MAY NNP www-sonatype-com-3567 154 33 2 2 CD www-sonatype-com-3567 154 34 LineageOS LineageOS NNP www-sonatype-com-3567 154 35 , , , www-sonatype-com-3567 154 36 a a DT www-sonatype-com-3567 154 37 maker maker NN www-sonatype-com-3567 154 38 of of IN www-sonatype-com-3567 154 39 an an DT www-sonatype-com-3567 154 40 open open JJ www-sonatype-com-3567 154 41 source source NN www-sonatype-com-3567 154 42 operating operate VBG www-sonatype-com-3567 154 43 system system NN www-sonatype-com-3567 154 44 based base VBN www-sonatype-com-3567 154 45 on on IN www-sonatype-com-3567 154 46 Android Android NNP www-sonatype-com-3567 154 47 , , , www-sonatype-com-3567 154 48 said say VBD www-sonatype-com-3567 154 49 it -PRON- PRP www-sonatype-com-3567 154 50 detected detect VBD www-sonatype-com-3567 154 51 the the DT www-sonatype-com-3567 154 52 intrusion intrusion NN www-sonatype-com-3567 154 53 on on IN www-sonatype-com-3567 154 54 May May NNP www-sonatype-com-3567 154 55 2nd 2nd NN www-sonatype-com-3567 154 56 at at IN www-sonatype-com-3567 154 57 around around RB www-sonatype-com-3567 154 58 8 8 CD www-sonatype-com-3567 154 59 pm pm NN www-sonatype-com-3567 154 60 Pacific Pacific NNP www-sonatype-com-3567 154 61 Time Time NNP www-sonatype-com-3567 154 62 . . . 
www-sonatype-com-3567 155 1 MAY MAY NNP www-sonatype-com-3567 155 2 3 3 CD www-sonatype-com-3567 155 3 DigiCert DigiCert NNP www-sonatype-com-3567 155 4 reported report VBD www-sonatype-com-3567 155 5 that that IN www-sonatype-com-3567 155 6 one one CD www-sonatype-com-3567 155 7 of of IN www-sonatype-com-3567 155 8 its -PRON- PRP$ www-sonatype-com-3567 155 9 Certificate Certificate NNP www-sonatype-com-3567 155 10 Transparency Transparency NNP www-sonatype-com-3567 155 11 logs log NNS www-sonatype-com-3567 155 12 was be VBD www-sonatype-com-3567 155 13 affected affect VBN www-sonatype-com-3567 155 14 after after IN www-sonatype-com-3567 155 15 attackers attacker NNS www-sonatype-com-3567 155 16 used use VBD www-sonatype-com-3567 155 17 the the DT www-sonatype-com-3567 155 18 Salt Salt NNP www-sonatype-com-3567 155 19 exploits exploit NNS www-sonatype-com-3567 155 20 . . . www-sonatype-com-3567 156 1 Ghost ghost NN www-sonatype-com-3567 156 2 , , , www-sonatype-com-3567 156 3 a a DT www-sonatype-com-3567 156 4 node.js node.js ADD www-sonatype-com-3567 156 5 blogging blogging NN www-sonatype-com-3567 156 6 platform platform NN www-sonatype-com-3567 156 7 , , , www-sonatype-com-3567 156 8 reports report VBZ www-sonatype-com-3567 156 9 an an DT www-sonatype-com-3567 156 10 attacker attacker NN www-sonatype-com-3567 156 11 used use VBD www-sonatype-com-3567 156 12 a a DT www-sonatype-com-3567 156 13 CVE CVE NNP www-sonatype-com-3567 156 14 in in IN www-sonatype-com-3567 156 15 our -PRON- PRP$ www-sonatype-com-3567 156 16 SaltStack SaltStack NNP www-sonatype-com-3567 156 17 master master NN www-sonatype-com-3567 156 18 to to TO www-sonatype-com-3567 156 19 gain gain VB www-sonatype-com-3567 156 20 access access NN www-sonatype-com-3567 156 21 to to IN www-sonatype-com-3567 156 22 our -PRON- PRP$ www-sonatype-com-3567 156 23 infrastructure infrastructure NN www-sonatype-com-3567 156 24 and and CC www-sonatype-com-3567 156 25 install install VB www-sonatype-com-3567 156 
26 a a DT www-sonatype-com-3567 156 27 cryptocurrency cryptocurrency NN www-sonatype-com-3567 156 28 miner miner NN www-sonatype-com-3567 156 29 . . . www-sonatype-com-3567 157 1 Xen Xen NNP www-sonatype-com-3567 157 2 - - HYPH www-sonatype-com-3567 157 3 Orchestra Orchestra NNP www-sonatype-com-3567 157 4 reports report VBZ www-sonatype-com-3567 157 5 coin coin NN www-sonatype-com-3567 157 6 mining mining NN www-sonatype-com-3567 157 7 script script NN www-sonatype-com-3567 157 8 ran run VBD www-sonatype-com-3567 157 9 on on IN www-sonatype-com-3567 157 10 some some DT www-sonatype-com-3567 157 11 of of IN www-sonatype-com-3567 157 12 their -PRON- PRP$ www-sonatype-com-3567 157 13 VMs vm NNS www-sonatype-com-3567 157 14 tied tie VBN www-sonatype-com-3567 157 15 to to IN www-sonatype-com-3567 157 16 SaltStack SaltStack NNP www-sonatype-com-3567 157 17 vulnerability vulnerability NN www-sonatype-com-3567 157 18 . . . www-sonatype-com-3567 158 1 Algolia Algolia NNP www-sonatype-com-3567 158 2 reports report VBZ www-sonatype-com-3567 158 3 hackers hacker NNS www-sonatype-com-3567 158 4 installed instal VBD www-sonatype-com-3567 158 5 a a DT www-sonatype-com-3567 158 6 backdoor backdoor NN www-sonatype-com-3567 158 7 and and CC www-sonatype-com-3567 158 8 a a DT www-sonatype-com-3567 158 9 cryptocurrency cryptocurrency NN www-sonatype-com-3567 158 10 miner miner NN www-sonatype-com-3567 158 11 on on IN www-sonatype-com-3567 158 12 a a DT www-sonatype-com-3567 158 13 small small JJ www-sonatype-com-3567 158 14 number number NN www-sonatype-com-3567 158 15 of of IN www-sonatype-com-3567 158 16 its -PRON- PRP$ www-sonatype-com-3567 158 17 servers server NNS www-sonatype-com-3567 158 18 . . . 
www-sonatype-com-3567 159 1 APRIL APRIL NNP www-sonatype-com-3567 159 2 30 30 CD www-sonatype-com-3567 159 3 Sonatype Sonatype NNP www-sonatype-com-3567 159 4 ingests ingest VBZ www-sonatype-com-3567 159 5 the the DT www-sonatype-com-3567 159 6 CVE CVE NNP www-sonatype-com-3567 159 7 information information NN www-sonatype-com-3567 159 8 . . . www-sonatype-com-3567 160 1 MAY MAY NNP www-sonatype-com-3567 160 2 2 2 CD www-sonatype-com-3567 160 3 15 15 CD www-sonatype-com-3567 160 4 breaches breach NNS www-sonatype-com-3567 160 5 noted note VBN www-sonatype-com-3567 160 6 on on IN www-sonatype-com-3567 160 7 GitHub GitHub NNP www-sonatype-com-3567 160 8 accounts account NNS www-sonatype-com-3567 160 9 • • NNP www-sonatype-com-3567 160 10 xiaopanggege xiaopanggege VBD www-sonatype-com-3567 160 11 : : : www-sonatype-com-3567 160 12 an an DT www-sonatype-com-3567 160 13 unknown unknown JJ www-sonatype-com-3567 160 14 program program NN www-sonatype-com-3567 160 15 suddenly suddenly RB www-sonatype-com-3567 160 16 ran run VBD www-sonatype-com-3567 160 17 today today NN www-sonatype-com-3567 160 18 • • NNP www-sonatype-com-3567 160 19 atuchak atuchak NN www-sonatype-com-3567 160 20 : : : www-sonatype-com-3567 160 21 I -PRON- PRP www-sonatype-com-3567 160 22 have have VBP www-sonatype-com-3567 160 23 the the DT www-sonatype-com-3567 160 24 same same JJ www-sonatype-com-3567 160 25 • • NN www-sonatype-com-3567 160 26 nepetadosmil nepetadosmil NN www-sonatype-com-3567 160 27 : : : www-sonatype-com-3567 160 28 gents gent NNS www-sonatype-com-3567 160 29 , , , www-sonatype-com-3567 160 30 this this DT www-sonatype-com-3567 160 31 is be VBZ www-sonatype-com-3567 160 32 an an DT www-sonatype-com-3567 160 33 attack attack NN www-sonatype-com-3567 160 34 . . . 
www-sonatype-com-3567 161 1 We -PRON- PRP www-sonatype-com-3567 161 2 ’ve have VB www-sonatype-com-3567 161 3 had have VBD www-sonatype-com-3567 161 4 all all DT www-sonatype-com-3567 161 5 firewalls firewall NNS www-sonatype-com-3567 161 6 disabled disabled JJ www-sonatype-com-3567 161 7 • • NNP www-sonatype-com-3567 161 8 aidanstevens29 aidanstevens29 NNP www-sonatype-com-3567 161 9 : : : www-sonatype-com-3567 161 10 a a DT www-sonatype-com-3567 161 11 backdoor backdoor NN www-sonatype-com-3567 161 12 was be VBD www-sonatype-com-3567 161 13 also also RB www-sonatype-com-3567 161 14 installed instal VBN www-sonatype-com-3567 161 15 via via IN www-sonatype-com-3567 161 16 the the DT www-sonatype-com-3567 161 17 exploit exploit NN www-sonatype-com-3567 161 18 • • NNP www-sonatype-com-3567 161 19 ndmgrphc ndmgrphc NN www-sonatype-com-3567 161 20 : : : www-sonatype-com-3567 161 21 entire entire JJ www-sonatype-com-3567 161 22 system system NN www-sonatype-com-3567 161 23 is be VBZ www-sonatype-com-3567 161 24 being be VBG www-sonatype-com-3567 161 25 taken take VBN www-sonatype-com-3567 161 26 down down RP www-sonatype-com-3567 161 27 • • NN www-sonatype-com-3567 161 28 nebev nebev NN www-sonatype-com-3567 161 29 : : : www-sonatype-com-3567 161 30 been be VBN www-sonatype-com-3567 161 31 affected affect VBN www-sonatype-com-3567 161 32 :( :( NFP www-sonatype-com-3567 161 33 • • NNP www-sonatype-com-3567 161 34 venugopalnaidu venugopalnaidu RB www-sonatype-com-3567 161 35 : : : www-sonatype-com-3567 161 36 we -PRON- PRP www-sonatype-com-3567 161 37 got get VBD www-sonatype-com-3567 161 38 the the DT www-sonatype-com-3567 161 39 same same JJ www-sonatype-com-3567 161 40 issue issue NN www-sonatype-com-3567 161 41 • • NNP www-sonatype-com-3567 161 42 gorgeousJ gorgeousJ NNP www-sonatype-com-3567 161 43 : : : www-sonatype-com-3567 161 44 same same JJ www-sonatype-com-3567 161 45 thing thing NN www-sonatype-com-3567 161 46 in in IN www-sonatype-com-3567 161 47 my -PRON- 
PRP$ www-sonatype-com-3567 161 48 servers server NNS www-sonatype-com-3567 161 49 • • NNP www-sonatype-com-3567 161 50 atastycookie atastycookie NN www-sonatype-com-3567 161 51 : : : www-sonatype-com-3567 161 52 we -PRON- PRP www-sonatype-com-3567 161 53 are be VBP www-sonatype-com-3567 161 54 investigating investigate VBG www-sonatype-com-3567 161 55 • • NNP www-sonatype-com-3567 161 56 leeyo leeyo NN www-sonatype-com-3567 161 57 : : : www-sonatype-com-3567 161 58 we -PRON- PRP www-sonatype-com-3567 161 59 have have VBP www-sonatype-com-3567 161 60 the the DT www-sonatype-com-3567 161 61 same same JJ www-sonatype-com-3567 161 62 problem problem NN www-sonatype-com-3567 161 63 • • NNP www-sonatype-com-3567 161 64 avasz avasz VBP www-sonatype-com-3567 161 65 : : : www-sonatype-com-3567 161 66 It -PRON- PRP www-sonatype-com-3567 161 67 also also RB www-sonatype-com-3567 161 68 stopped stop VBD www-sonatype-com-3567 161 69 and and CC www-sonatype-com-3567 161 70 disabled disabled JJ www-sonatype-com-3567 161 71 docker docker NN www-sonatype-com-3567 161 72 services service NNS www-sonatype-com-3567 161 73 • • NNP www-sonatype-com-3567 161 74 aldenar aldenar NN www-sonatype-com-3567 161 75 : : : www-sonatype-com-3567 161 76 looking look VBG www-sonatype-com-3567 161 77 through through IN www-sonatype-com-3567 161 78 my -PRON- PRP$ www-sonatype-com-3567 161 79 affected affect VBN www-sonatype-com-3567 161 80 machines machine NNS www-sonatype-com-3567 161 81 , , , www-sonatype-com-3567 161 82 a a DT www-sonatype-com-3567 161 83 dropper dropper NN www-sonatype-com-3567 161 84 scriptfile scriptfile NN www-sonatype-com-3567 161 85 was be VBD www-sonatype-com-3567 161 86 found find VBN www-sonatype-com-3567 161 87 • • NNP www-sonatype-com-3567 161 88 foobartender foobartender NN www-sonatype-com-3567 161 89 : : : www-sonatype-com-3567 161 90 it -PRON- PRP www-sonatype-com-3567 161 91 also also RB www-sonatype-com-3567 161 92 adds add VBZ www-sonatype-com-3567 161 93 a a DT 
www-sonatype-com-3567 161 94 key key NN www-sonatype-com-3567 161 95 to to IN www-sonatype-com-3567 161 96 /root/.ssh /root/.ssh NNP www-sonatype-com-3567 161 97 / / SYM www-sonatype-com-3567 161 98 authorized_keys authorized_keys NNP www-sonatype-com-3567 161 99 • • NNP www-sonatype-com-3567 161 100 bruxy bruxy VBD www-sonatype-com-3567 161 101 : : : www-sonatype-com-3567 161 102 same same JJ www-sonatype-com-3567 161 103 issue issue NN www-sonatype-com-3567 161 104 here here RB www-sonatype-com-3567 161 105 • • VBP www-sonatype-com-3567 161 106 mcpcholkin mcpcholkin NNP www-sonatype-com-3567 161 107 : : : www-sonatype-com-3567 161 108 I -PRON- PRP www-sonatype-com-3567 161 109 found find VBD www-sonatype-com-3567 161 110 it -PRON- PRP www-sonatype-com-3567 161 111 only only RB www-sonatype-com-3567 161 112 on on IN www-sonatype-com-3567 161 113 one one CD www-sonatype-com-3567 161 114 server server NN www-sonatype-com-3567 161 115 • • NNP www-sonatype-com-3567 161 116 wavded wavde VBD www-sonatype-com-3567 161 117 : : : www-sonatype-com-3567 161 118 we -PRON- PRP www-sonatype-com-3567 161 119 had have VBD www-sonatype-com-3567 161 120 one one CD www-sonatype-com-3567 161 121 job job NN www-sonatype-com-3567 161 122 that that WDT www-sonatype-com-3567 161 123 was be VBD www-sonatype-com-3567 161 124 executed execute VBN www-sonatype-com-3567 161 125 that that WDT www-sonatype-com-3567 161 126 did do VBD www-sonatype-com-3567 161 127 the the DT www-sonatype-com-3567 161 128 following following NN www-sonatype-com-3567 161 129 on on IN www-sonatype-com-3567 161 130 each each DT www-sonatype-com-3567 161 131 server server NN www-sonatype-com-3567 161 132 • • NNP www-sonatype-com-3567 161 133 justinimn justinimn NN www-sonatype-com-3567 161 134 : : : www-sonatype-com-3567 161 135 I -PRON- PRP www-sonatype-com-3567 161 136 got get VBD www-sonatype-com-3567 161 137 hit hit VBN www-sonatype-com-3567 161 138 a a DT www-sonatype-com-3567 161 139 few few JJ 
www-sonatype-com-3567 161 140 hours hour NNS www-sonatype-com-3567 161 141 ago ago RB www-sonatype-com-3567 161 142 • • NNP www-sonatype-com-3567 161 143 curu curu NN www-sonatype-com-3567 161 144 : : : www-sonatype-com-3567 161 145 Firewall firewall NN www-sonatype-com-3567 161 146 rules rule NNS www-sonatype-com-3567 161 147 stopped stop VBD www-sonatype-com-3567 161 148 and and CC www-sonatype-com-3567 161 149 disabled disabled JJ www-sonatype-com-3567 161 150 • • NNP www-sonatype-com-3567 161 151 jblac jblac NNS www-sonatype-com-3567 161 152 : : : www-sonatype-com-3567 161 153 it -PRON- PRP www-sonatype-com-3567 161 154 's be VBZ www-sonatype-com-3567 161 155 the the DT www-sonatype-com-3567 161 156 same same JJ www-sonatype-com-3567 161 157 issue issue NN www-sonatype-com-3567 161 158 I -PRON- PRP www-sonatype-com-3567 161 159 was be VBD www-sonatype-com-3567 161 160 plagued plague VBN www-sonatype-com-3567 161 161 with with IN www-sonatype-com-3567 161 162 • • NNP www-sonatype-com-3567 161 163 heruan heruan NNP www-sonatype-com-3567 161 164 : : : www-sonatype-com-3567 161 165 minor minor JJ www-sonatype-com-3567 161 166 jobs job NNS www-sonatype-com-3567 161 167 are be VBP www-sonatype-com-3567 161 168 still still RB www-sonatype-com-3567 161 169 spawning spawn VBG www-sonatype-com-3567 161 170 on on IN www-sonatype-com-3567 161 171 minions minion NNS www-sonatype-com-3567 161 172 Exploits exploit NNS www-sonatype-com-3567 161 173 Begin begin VB www-sonatype-com-3567 161 174 Within within IN www-sonatype-com-3567 161 175 3 3 CD www-sonatype-com-3567 161 176 Days day NNS www-sonatype-com-3567 161 177 Update update NN www-sonatype-com-3567 161 178 Before before IN www-sonatype-com-3567 161 179 Exploits exploit NNS www-sonatype-com-3567 161 180 Begin begin VBP www-sonatype-com-3567 161 181 MAY MAY NNP www-sonatype-com-3567 161 182 7 7 CD www-sonatype-com-3567 161 183 Cisco Cisco NNP www-sonatype-com-3567 161 184 discovered discover VBD www-sonatype-com-3567 161 
185 the the DT www-sonatype-com-3567 161 186 compromise compromise NN www-sonatype-com-3567 161 187 of of IN www-sonatype-com-3567 161 188 six six CD www-sonatype-com-3567 161 189 of of IN www-sonatype-com-3567 161 190 their -PRON- PRP$ www-sonatype-com-3567 161 191 Salt Salt NNP www-sonatype-com-3567 161 192 master master NN www-sonatype-com-3567 161 193 servers server NNS www-sonatype-com-3567 161 194 , , , www-sonatype-com-3567 161 195 which which WDT www-sonatype-com-3567 161 196 are be VBP www-sonatype-com-3567 161 197 part part NN www-sonatype-com-3567 161 198 of of IN www-sonatype-com-3567 161 199 the the DT www-sonatype-com-3567 161 200 Cisco Cisco NNP www-sonatype-com-3567 161 201 VIRL VIRL NNP www-sonatype-com-3567 161 202 - - HYPH www-sonatype-com-3567 161 203 PE PE NNP www-sonatype-com-3567 161 204 ( ( -LRB- www-sonatype-com-3567 161 205 Internet internet NN www-sonatype-com-3567 161 206 Routing Routing NNP www-sonatype-com-3567 161 207 Lab Lab NNP www-sonatype-com-3567 161 208 Personal Personal NNP www-sonatype-com-3567 161 209 Edition Edition NNP www-sonatype-com-3567 161 210 ) ) -RRB- www-sonatype-com-3567 161 211 service service NN www-sonatype-com-3567 161 212 infrastructure infrastructure NN www-sonatype-com-3567 161 213 . . . 
www-sonatype-com-3567 162 1 MAY MAY NNP www-sonatype-com-3567 162 2 12 12 CD www-sonatype-com-3567 162 3 Censys Censys NNP www-sonatype-com-3567 162 4 reports report VBZ www-sonatype-com-3567 162 5 the the DT www-sonatype-com-3567 162 6 number number NN www-sonatype-com-3567 162 7 stands stand VBZ www-sonatype-com-3567 162 8 at at IN www-sonatype-com-3567 162 9 2,928 2,928 CD www-sonatype-com-3567 162 10 Salt Salt NNP www-sonatype-com-3567 162 11 servers server NNS www-sonatype-com-3567 162 12 still still RB www-sonatype-com-3567 162 13 exposed expose VBD www-sonatype-com-3567 162 14 — — : www-sonatype-com-3567 162 15 a a DT www-sonatype-com-3567 162 16 21 21 CD www-sonatype-com-3567 162 17 % % NN www-sonatype-com-3567 162 18 reduction reduction NN www-sonatype-com-3567 162 19 from from IN www-sonatype-com-3567 162 20 last last JJ www-sonatype-com-3567 162 21 week week NN www-sonatype-com-3567 162 22 , , , www-sonatype-com-3567 162 23 and and CC www-sonatype-com-3567 162 24 a a DT www-sonatype-com-3567 162 25 50 50 CD www-sonatype-com-3567 162 26 % % NN www-sonatype-com-3567 162 27 reduction reduction NN www-sonatype-com-3567 162 28 overall overall RB www-sonatype-com-3567 162 29 since since IN www-sonatype-com-3567 162 30 the the DT www-sonatype-com-3567 162 31 CVE CVE NNP www-sonatype-com-3567 162 32 was be VBD www-sonatype-com-3567 162 33 announced announce VBN www-sonatype-com-3567 162 34 . . . 
www-sonatype-com-3567 163 1 Exploits exploit NNS www-sonatype-com-3567 163 2 Continue continue VBP www-sonatype-com-3567 163 3 and and CC www-sonatype-com-3567 163 4 Sites site NNS www-sonatype-com-3567 163 5 Remain remain VBP www-sonatype-com-3567 163 6 Vulnerable vulnerable JJ www-sonatype-com-3567 163 7 112020 112020 CD www-sonatype-com-3567 163 8 STATE STATE NNP www-sonatype-com-3567 163 9 OF of IN www-sonatype-com-3567 163 10 THE the DT www-sonatype-com-3567 163 11 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 163 12 SUPPLY supply NN www-sonatype-com-3567 163 13 CHAIN chain NN www-sonatype-com-3567 163 14 REPORT report NN www-sonatype-com-3567 163 15 C c NN www-sonatype-com-3567 163 16 H h NN www-sonatype-com-3567 163 17 A a NN www-sonatype-com-3567 163 18 P p NN www-sonatype-com-3567 163 19 T t NN www-sonatype-com-3567 163 20 E e NN www-sonatype-com-3567 163 21 R r NN www-sonatype-com-3567 163 22 1 1 CD www-sonatype-com-3567 163 23 : : : www-sonatype-com-3567 163 24 O o NN www-sonatype-com-3567 163 25 P p NN www-sonatype-com-3567 163 26 E e NN www-sonatype-com-3567 163 27 N n NN www-sonatype-com-3567 163 28 S s NN www-sonatype-com-3567 163 29 E e NN www-sonatype-com-3567 163 30 A a NN www-sonatype-com-3567 163 31 S s NN www-sonatype-com-3567 163 32 O o NN www-sonatype-com-3567 163 33 N n NN www-sonatype-com-3567 163 34 O o NN www-sonatype-com-3567 163 35 N n NN www-sonatype-com-3567 163 36 O o NN www-sonatype-com-3567 163 37 P p NN www-sonatype-com-3567 163 38 E e NN www-sonatype-com-3567 163 39 N n NN www-sonatype-com-3567 163 40 S s NN www-sonatype-com-3567 163 41 O o NN www-sonatype-com-3567 163 42 U u NN www-sonatype-com-3567 163 43 R r NN www-sonatype-com-3567 163 44 C c NN www-sonatype-com-3567 163 45 E e NN www-sonatype-com-3567 163 46 CHAPTER chapter NN www-sonatype-com-3567 163 47 2 2 CD www-sonatype-com-3567 163 48 Open Open NNP www-sonatype-com-3567 163 49 Source source NN www-sonatype-com-3567 163 50 : : : www-sonatype-com-3567 163 51 Supply supply 
NN www-sonatype-com-3567 163 52 and and CC www-sonatype-com-3567 163 53 Demand Demand NNP www-sonatype-com-3567 163 54 JavaScript JavaScript NNP www-sonatype-com-3567 163 55 Package Package NNP www-sonatype-com-3567 163 56 Downloads Downloads NNPS www-sonatype-com-3567 163 57 , , , www-sonatype-com-3567 163 58 Rolling Rolling NNP www-sonatype-com-3567 163 59 Weekly Weekly NNP www-sonatype-com-3567 163 60 Average Average NNP www-sonatype-com-3567 163 61 2013 2013 CD www-sonatype-com-3567 163 62 – – : www-sonatype-com-3567 163 63 2020 2020 CD www-sonatype-com-3567 163 64 SOURCE SOURCE NNP www-sonatype-com-3567 163 65 : : : www-sonatype-com-3567 163 66 MICROSOFT MICROSOFT NNP www-sonatype-com-3567 163 67 B B NNP www-sonatype-com-3567 163 68 IL IL NNP www-sonatype-com-3567 163 69 L L NNP www-sonatype-com-3567 163 70 IO IO NNP www-sonatype-com-3567 163 71 N N NNP www-sonatype-com-3567 163 72 S S NNP www-sonatype-com-3567 163 73 10B 10B NNP www-sonatype-com-3567 163 74 12.5B 12.5b CD www-sonatype-com-3567 163 75 15B 15b CD www-sonatype-com-3567 163 76 17.5B 17.5b CD www-sonatype-com-3567 163 77 20B 20b CD www-sonatype-com-3567 163 78 22.5B 22.5b CD www-sonatype-com-3567 163 79 7.5B 7.5b NN www-sonatype-com-3567 163 80 5B 5b JJ www-sonatype-com-3567 163 81 2.5B 2.5b NN www-sonatype-com-3567 163 82 0 0 CD www-sonatype-com-3567 163 83 2018 2018 CD www-sonatype-com-3567 163 84 2019 2019 CD www-sonatype-com-3567 163 85 2020 2020 CD www-sonatype-com-3567 163 86 ( ( -LRB- www-sonatype-com-3567 163 87 to to IN www-sonatype-com-3567 163 88 date date NN www-sonatype-com-3567 163 89 ) ) -RRB- www-sonatype-com-3567 163 90 20172016201520142013 20172016201520142013 CD www-sonatype-com-3567 163 91 JavaScript JavaScript NNP www-sonatype-com-3567 163 92 One one CD www-sonatype-com-3567 163 93 trillion trillion CD www-sonatype-com-3567 163 94 JavaScript JavaScript NNP www-sonatype-com-3567 163 95 packages package NNS www-sonatype-com-3567 163 96 will will MD www-sonatype-com-3567 163 97 
be be VB www-sonatype-com-3567 163 98 downloaded download VBN www-sonatype-com-3567 163 99 in in IN www-sonatype-com-3567 163 100 2020 2020 CD www-sonatype-com-3567 163 101 based base VBN www-sonatype-com-3567 163 102 on on IN www-sonatype-com-3567 163 103 monthly monthly JJ www-sonatype-com-3567 163 104 download download NN www-sonatype-com-3567 163 105 volumes volume NNS www-sonatype-com-3567 163 106 today today NN www-sonatype-com-3567 163 107 . . . www-sonatype-com-3567 164 1 With with IN www-sonatype-com-3567 164 2 over over IN www-sonatype-com-3567 164 3 86 86 CD www-sonatype-com-3567 164 4 billion billion CD www-sonatype-com-3567 164 5 package package NN www-sonatype-com-3567 164 6 downloads download NNS www-sonatype-com-3567 164 7 in in IN www-sonatype-com-3567 164 8 May May NNP www-sonatype-com-3567 164 9 2020 2020 CD www-sonatype-com-3567 164 10 , , , www-sonatype-com-3567 164 11 the the DT www-sonatype-com-3567 164 12 average average JJ www-sonatype-com-3567 164 13 monthly monthly JJ www-sonatype-com-3567 164 14 download download NN www-sonatype-com-3567 164 15 traffic traffic NN www-sonatype-com-3567 164 16 for for IN www-sonatype-com-3567 164 17 npm npm NNP www-sonatype-com-3567 164 18 packages package NNS www-sonatype-com-3567 164 19 has have VBZ www-sonatype-com-3567 164 20 grown grow VBN www-sonatype-com-3567 164 21 more more JJR www-sonatype-com-3567 164 22 than than IN www-sonatype-com-3567 164 23 100 100 CD www-sonatype-com-3567 164 24 % % NN www-sonatype-com-3567 164 25 year year NN www-sonatype-com-3567 164 26 over over IN www-sonatype-com-3567 164 27 year.20 year.20 NNP www-sonatype-com-3567 164 28 For for IN www-sonatype-com-3567 164 29 the the DT www-sonatype-com-3567 164 30 10.7 10.7 CD www-sonatype-com-3567 164 31 million million CD www-sonatype-com-3567 164 32 JavaScript JavaScript NNP www-sonatype-com-3567 164 33 developers developer NNS www-sonatype-com-3567 164 34 around around IN www-sonatype-com-3567 164 35 the the DT 
www-sonatype-com-3567 164 36 world world NN www-sonatype-com-3567 164 37 , , , www-sonatype-com-3567 164 38 this this DT www-sonatype-com-3567 164 39 means mean VBZ www-sonatype-com-3567 164 40 each each DT www-sonatype-com-3567 164 41 will will MD www-sonatype-com-3567 164 42 download download VB www-sonatype-com-3567 164 43 an an DT www-sonatype-com-3567 164 44 average average NN www-sonatype-com-3567 164 45 of of IN www-sonatype-com-3567 164 46 93,457 93,457 CD www-sonatype-com-3567 164 47 packages package NNS www-sonatype-com-3567 164 48 in in IN www-sonatype-com-3567 164 49 2020.21 2020.21 CD www-sonatype-com-3567 164 50 To to TO www-sonatype-com-3567 164 51 keep keep VB www-sonatype-com-3567 164 52 pace pace NN www-sonatype-com-3567 164 53 with with IN www-sonatype-com-3567 164 54 demand demand NN www-sonatype-com-3567 164 55 for for IN www-sonatype-com-3567 164 56 component component NN www-sonatype-com-3567 164 57 - - HYPH www-sonatype-com-3567 164 58 based base VBN www-sonatype-com-3567 164 59 development development NN www-sonatype-com-3567 164 60 , , , www-sonatype-com-3567 164 61 JavaScript JavaScript NNP www-sonatype-com-3567 164 62 community community NN www-sonatype-com-3567 164 63 members member NNS www-sonatype-com-3567 164 64 introduced introduce VBD www-sonatype-com-3567 164 65 over over IN www-sonatype-com-3567 164 66 500,000 500,000 CD www-sonatype-com-3567 164 67 new new JJ www-sonatype-com-3567 164 68 component component NN www-sonatype-com-3567 164 69 releases release NNS www-sonatype-com-3567 164 70 in in IN www-sonatype-com-3567 164 71 the the DT www-sonatype-com-3567 164 72 past past JJ www-sonatype-com-3567 164 73 year year NN www-sonatype-com-3567 164 74 . . . 
www-sonatype-com-3567 165 1 There there EX www-sonatype-com-3567 165 2 are be VBP www-sonatype-com-3567 165 3 now now RB www-sonatype-com-3567 165 4 1.3 1.3 CD www-sonatype-com-3567 165 5 million million CD www-sonatype-com-3567 165 6 npm npm NN www-sonatype-com-3567 165 7 packages package NNS www-sonatype-com-3567 165 8 available available JJ www-sonatype-com-3567 165 9 to to IN www-sonatype-com-3567 165 10 developers developer NNS www-sonatype-com-3567 165 11 — — : www-sonatype-com-3567 165 12 up up RB www-sonatype-com-3567 165 13 63 63 CD www-sonatype-com-3567 165 14 % % NN www-sonatype-com-3567 165 15 from from IN www-sonatype-com-3567 165 16 last last JJ www-sonatype-com-3567 165 17 year year NN www-sonatype-com-3567 165 18 . . . www-sonatype-com-3567 166 1 FIGURE FIGURE NNP www-sonatype-com-3567 166 2 2A 2a NN www-sonatype-com-3567 166 3 JavaScript JavaScript NNP www-sonatype-com-3567 166 4 Package Package NNP www-sonatype-com-3567 166 5 Downloads Downloads NNP www-sonatype-com-3567 166 6 , , , www-sonatype-com-3567 166 7 Rolling Rolling NNP www-sonatype-com-3567 166 8 Weekly Weekly NNP www-sonatype-com-3567 166 9 Average Average NNP www-sonatype-com-3567 166 10 2013 2013 CD www-sonatype-com-3567 166 11 – – : www-sonatype-com-3567 166 12 2020 2020 CD www-sonatype-com-3567 166 13 SOURCE SOURCE NNP www-sonatype-com-3567 166 14 : : : www-sonatype-com-3567 166 15 Microsoft Microsoft NNP www-sonatype-com-3567 166 16 132020 132020 CD www-sonatype-com-3567 166 17 STATE STATE NNP www-sonatype-com-3567 166 18 OF of IN www-sonatype-com-3567 166 19 THE the DT www-sonatype-com-3567 166 20 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 166 21 SUPPLY supply NN www-sonatype-com-3567 166 22 CHAIN chain NN www-sonatype-com-3567 166 23 REPORT report NN www-sonatype-com-3567 166 24 C c NN www-sonatype-com-3567 166 25 H h NN www-sonatype-com-3567 166 26 A a NN www-sonatype-com-3567 166 27 P p NN www-sonatype-com-3567 166 28 T t NN www-sonatype-com-3567 166 29 E e NN 
www-sonatype-com-3567 166 30 R r NN www-sonatype-com-3567 166 31 2 2 CD www-sonatype-com-3567 166 32 : : : www-sonatype-com-3567 166 33 O o NN www-sonatype-com-3567 166 34 P p NN www-sonatype-com-3567 166 35 E e NN www-sonatype-com-3567 166 36 N n NN www-sonatype-com-3567 166 37 S s NN www-sonatype-com-3567 166 38 O o NN www-sonatype-com-3567 166 39 U u NN www-sonatype-com-3567 166 40 R r NN www-sonatype-com-3567 166 41 C c NN www-sonatype-com-3567 166 42 E e NN www-sonatype-com-3567 166 43 : : : www-sonatype-com-3567 166 44 S s NN www-sonatype-com-3567 166 45 U u NN www-sonatype-com-3567 166 46 P p NN www-sonatype-com-3567 166 47 P p NN www-sonatype-com-3567 166 48 LY ly NN www-sonatype-com-3567 166 49 A a NN www-sonatype-com-3567 166 50 N n NN www-sonatype-com-3567 166 51 D d NN www-sonatype-com-3567 166 52 D d NN www-sonatype-com-3567 166 53 E e NN www-sonatype-com-3567 166 54 M m NN www-sonatype-com-3567 166 55 A a NN www-sonatype-com-3567 166 56 N N NNP www-sonatype-com-3567 166 57 D d NN www-sonatype-com-3567 166 58 BILLIONS billions JJ www-sonatype-com-3567 166 59 25B 25b CD www-sonatype-com-3567 166 60 50B 50b CD www-sonatype-com-3567 166 61 75B 75B NNP www-sonatype-com-3567 166 62 100B 100b CD www-sonatype-com-3567 166 63 125B 125b CD www-sonatype-com-3567 166 64 175B 175b CD www-sonatype-com-3567 166 65 200B 200b CD www-sonatype-com-3567 166 66 225B 225b CD www-sonatype-com-3567 166 67 250B 250b CD www-sonatype-com-3567 166 68 275B 275b CD www-sonatype-com-3567 166 69 300B 300b CD www-sonatype-com-3567 166 70 325B 325b CD www-sonatype-com-3567 166 71 350B 350b CD www-sonatype-com-3567 166 72 375B150B 375b150b CD www-sonatype-com-3567 166 73 2020 2020 CD www-sonatype-com-3567 166 74 ( ( -LRB- www-sonatype-com-3567 166 75 projected project VBN www-sonatype-com-3567 166 76 ) ) -RRB- www-sonatype-com-3567 166 77 Number Number NNP www-sonatype-com-3567 166 78 of of IN www-sonatype-com-3567 166 79 Download Download NNP www-sonatype-com-3567 166 80 Requests 
Requests NNPS www-sonatype-com-3567 166 81 for for IN www-sonatype-com-3567 166 82 Java Java NNP www-sonatype-com-3567 166 83 Component Component NNP www-sonatype-com-3567 166 84 Releases Releases NNP www-sonatype-com-3567 166 85 2012 2012 CD www-sonatype-com-3567 166 86 – – : www-sonatype-com-3567 166 87 2020 2020 CD www-sonatype-com-3567 166 88 376B 376b CD www-sonatype-com-3567 166 89 2018 2018 CD www-sonatype-com-3567 166 90 2019 2019 CD www-sonatype-com-3567 166 91 2017 2017 CD www-sonatype-com-3567 166 92 2016 2016 CD www-sonatype-com-3567 166 93 2015 2015 CD www-sonatype-com-3567 166 94 2014 2014 CD www-sonatype-com-3567 166 95 2013 2013 CD www-sonatype-com-3567 166 96 2012 2012 CD www-sonatype-com-3567 166 97 Java Java NNP www-sonatype-com-3567 166 98 There there EX www-sonatype-com-3567 166 99 are be VBP www-sonatype-com-3567 166 100 an an DT www-sonatype-com-3567 166 101 estimated estimate VBN www-sonatype-com-3567 166 102 7.6 7.6 CD www-sonatype-com-3567 166 103 million million CD www-sonatype-com-3567 166 104 Java Java NNP www-sonatype-com-3567 166 105 developers developer NNS www-sonatype-com-3567 166 106 worldwide.22 worldwide.22 NNP www-sonatype-com-3567 166 107 In in IN www-sonatype-com-3567 166 108 2019 2019 CD www-sonatype-com-3567 166 109 , , , www-sonatype-com-3567 166 110 those those DT www-sonatype-com-3567 166 111 developers developer NNS www-sonatype-com-3567 166 112 triggered trigger VBD www-sonatype-com-3567 166 113 226 226 CD www-sonatype-com-3567 166 114 billion billion CD www-sonatype-com-3567 166 115 open open JJ www-sonatype-com-3567 166 116 source source NN www-sonatype-com-3567 166 117 software software NN www-sonatype-com-3567 166 118 component component VBP www-sonatype-com-3567 166 119 download download NN www-sonatype-com-3567 166 120 requests request NNS www-sonatype-com-3567 166 121 from from IN www-sonatype-com-3567 166 122 Maven Maven NNP www-sonatype-com-3567 166 123 Central Central NNP www-sonatype-com-3567 166 124 . . . 
www-sonatype-com-3567 167 1 Download download JJ www-sonatype-com-3567 167 2 request request NN www-sonatype-com-3567 167 3 traffic traffic NN www-sonatype-com-3567 167 4 was be VBD www-sonatype-com-3567 167 5 up up RB www-sonatype-com-3567 167 6 55 55 CD www-sonatype-com-3567 167 7 % % NN www-sonatype-com-3567 167 8 year year NN www-sonatype-com-3567 167 9 over over IN www-sonatype-com-3567 167 10 year year NN www-sonatype-com-3567 167 11 , , , www-sonatype-com-3567 167 12 with with IN www-sonatype-com-3567 167 13 the the DT www-sonatype-com-3567 167 14 average average JJ www-sonatype-com-3567 167 15 developer developer NN www-sonatype-com-3567 167 16 requesting request VBG www-sonatype-com-3567 167 17 29,736 29,736 CD www-sonatype-com-3567 167 18 component component NN www-sonatype-com-3567 167 19 releases release NNS www-sonatype-com-3567 167 20 annually annually RB www-sonatype-com-3567 167 21 . . . www-sonatype-com-3567 168 1 With with IN www-sonatype-com-3567 168 2 over over IN www-sonatype-com-3567 168 3 31 31 CD www-sonatype-com-3567 168 4 billion billion CD www-sonatype-com-3567 168 5 download download NN www-sonatype-com-3567 168 6 requests request NNS www-sonatype-com-3567 168 7 in in IN www-sonatype-com-3567 168 8 June June NNP www-sonatype-com-3567 168 9 , , , www-sonatype-com-3567 168 10 annual annual JJ www-sonatype-com-3567 168 11 download download NN www-sonatype-com-3567 168 12 requests request NNS www-sonatype-com-3567 168 13 for for IN www-sonatype-com-3567 168 14 2020 2020 CD www-sonatype-com-3567 168 15 are be VBP www-sonatype-com-3567 168 16 on on IN www-sonatype-com-3567 168 17 pace pace NN www-sonatype-com-3567 168 18 to to IN www-sonatype-com-3567 168 19 top top JJ www-sonatype-com-3567 168 20 376 376 CD www-sonatype-com-3567 168 21 billion billion CD www-sonatype-com-3567 168 22 . . . 
www-sonatype-com-3567 169 1 For for IN www-sonatype-com-3567 169 2 Java Java NNP www-sonatype-com-3567 169 3 developers developer NNS www-sonatype-com-3567 169 4 , , , www-sonatype-com-3567 169 5 the the DT www-sonatype-com-3567 169 6 supply supply NN www-sonatype-com-3567 169 7 of of IN www-sonatype-com-3567 169 8 Maven Maven NNP www-sonatype-com-3567 169 9 pack- pack- NN www-sonatype-com-3567 169 10 ages age NNS www-sonatype-com-3567 169 11 increased increase VBD www-sonatype-com-3567 169 12 from from IN www-sonatype-com-3567 169 13 3.7 3.7 CD www-sonatype-com-3567 169 14 million million CD www-sonatype-com-3567 169 15 ( ( -LRB- www-sonatype-com-3567 169 16 June June NNP www-sonatype-com-3567 169 17 2019 2019 CD www-sonatype-com-3567 169 18 ) ) -RRB- www-sonatype-com-3567 169 19 to to IN www-sonatype-com-3567 169 20 over over IN www-sonatype-com-3567 169 21 5 5 CD www-sonatype-com-3567 169 22 million million CD www-sonatype-com-3567 169 23 ( ( -LRB- www-sonatype-com-3567 169 24 June June NNP www-sonatype-com-3567 169 25 2020 2020 CD www-sonatype-com-3567 169 26 ) ) -RRB- www-sonatype-com-3567 169 27 . . . www-sonatype-com-3567 170 1 There there EX www-sonatype-com-3567 170 2 are be VBP www-sonatype-com-3567 170 3 337,000 337,000 CD www-sonatype-com-3567 170 4 Java Java NNP www-sonatype-com-3567 170 5 open open JJ www-sonatype-com-3567 170 6 source source NN www-sonatype-com-3567 170 7 projects project NNS www-sonatype-com-3567 170 8 that that WDT www-sonatype-com-3567 170 9 make make VBP www-sonatype-com-3567 170 10 their -PRON- PRP$ www-sonatype-com-3567 170 11 component component NN www-sonatype-com-3567 170 12 releases release NNS www-sonatype-com-3567 170 13 available available JJ www-sonatype-com-3567 170 14 on on IN www-sonatype-com-3567 170 15 Maven Maven NNP www-sonatype-com-3567 170 16 Central Central NNP www-sonatype-com-3567 170 17 . . . 
www-sonatype-com-3567 171 1 .NET .NET NNP www-sonatype-com-3567 171 2 .NET .NET NNP www-sonatype-com-3567 171 3 developers developer NNS www-sonatype-com-3567 171 4 were be VBD www-sonatype-com-3567 171 5 also also RB www-sonatype-com-3567 171 6 eager eager JJ www-sonatype-com-3567 171 7 to to TO www-sonatype-com-3567 171 8 consume consume VB www-sonatype-com-3567 171 9 open open JJ www-sonatype-com-3567 171 10 source source NN www-sonatype-com-3567 171 11 software software NN www-sonatype-com-3567 171 12 packages package NNS www-sonatype-com-3567 171 13 over over IN www-sonatype-com-3567 171 14 the the DT www-sonatype-com-3567 171 15 past past JJ www-sonatype-com-3567 171 16 year year NN www-sonatype-com-3567 171 17 . . . www-sonatype-com-3567 172 1 Developers developer NNS www-sonatype-com-3567 172 2 who who WP www-sonatype-com-3567 172 3 downloaded download VBD www-sonatype-com-3567 172 4 an an DT www-sonatype-com-3567 172 5 annualized annualize VBN www-sonatype-com-3567 172 6 16.2 16.2 CD www-sonatype-com-3567 172 7 billion billion CD www-sonatype-com-3567 172 8 NuGet NuGet NNP www-sonatype-com-3567 172 9 packages package NNS www-sonatype-com-3567 172 10 in in IN www-sonatype-com-3567 172 11 2019 2019 CD www-sonatype-com-3567 172 12 increased increase VBD www-sonatype-com-3567 172 13 their -PRON- PRP$ www-sonatype-com-3567 172 14 appetite appetite NN www-sonatype-com-3567 172 15 177 177 CD www-sonatype-com-3567 172 16 % % NN www-sonatype-com-3567 172 17 to to TO www-sonatype-com-3567 172 18 reach reach VB www-sonatype-com-3567 172 19 44.8 44.8 CD www-sonatype-com-3567 172 20 billion billion CD www-sonatype-com-3567 172 21 annualized annualize VBN www-sonatype-com-3567 172 22 downloads download NNS www-sonatype-com-3567 172 23 in in IN www-sonatype-com-3567 172 24 2020.23 2020.23 CD www-sonatype-com-3567 172 25 The the DT www-sonatype-com-3567 172 26 supply supply NN www-sonatype-com-3567 172 27 of of IN www-sonatype-com-3567 172 28 components component NNS 
www-sonatype-com-3567 172 29 increased increase VBN www-sonatype-com-3567 172 30 by by IN www-sonatype-com-3567 172 31 700,000 700,000 CD www-sonatype-com-3567 172 32 package package NN www-sonatype-com-3567 172 33 releases release NNS www-sonatype-com-3567 172 34 in in IN www-sonatype-com-3567 172 35 the the DT www-sonatype-com-3567 172 36 past past JJ www-sonatype-com-3567 172 37 year year NN www-sonatype-com-3567 172 38 — — : www-sonatype-com-3567 172 39 now now RB www-sonatype-com-3567 172 40 totaling total VBG www-sonatype-com-3567 172 41 2.3 2.3 CD www-sonatype-com-3567 172 42 million.24 million.24 NNP www-sonatype-com-3567 172 43 Over over IN www-sonatype-com-3567 172 44 200,000 200,000 CD www-sonatype-com-3567 172 45 open open JJ www-sonatype-com-3567 172 46 source source NN www-sonatype-com-3567 172 47 projects project NNS www-sonatype-com-3567 172 48 now now RB www-sonatype-com-3567 172 49 make make VBP www-sonatype-com-3567 172 50 their -PRON- PRP$ www-sonatype-com-3567 172 51 packages package NNS www-sonatype-com-3567 172 52 available available JJ www-sonatype-com-3567 172 53 on on IN www-sonatype-com-3567 172 54 the the DT www-sonatype-com-3567 172 55 NuGet NuGet NNP www-sonatype-com-3567 172 56 Gallery Gallery NNP www-sonatype-com-3567 172 57 . . . 
www-sonatype-com-3567 173 1 DockerHub DockerHub NNP www-sonatype-com-3567 173 2 According accord VBG www-sonatype-com-3567 173 3 to to IN www-sonatype-com-3567 173 4 stats stat NNS www-sonatype-com-3567 173 5 available available JJ www-sonatype-com-3567 173 6 from from IN www-sonatype-com-3567 173 7 the the DT www-sonatype-com-3567 173 8 Docker Docker NNP www-sonatype-com-3567 173 9 Index Index NNP www-sonatype-com-3567 173 10 , , , www-sonatype-com-3567 173 11 pulls pull VBZ www-sonatype-com-3567 173 12 of of IN www-sonatype-com-3567 173 13 container container NN www-sonatype-com-3567 173 14 images image NNS www-sonatype-com-3567 173 15 topped top VBD www-sonatype-com-3567 173 16 8 8 CD www-sonatype-com-3567 173 17 billion billion CD www-sonatype-com-3567 173 18 for for IN www-sonatype-com-3567 173 19 the the DT www-sonatype-com-3567 173 20 month month NN www-sonatype-com-3567 173 21 of of IN www-sonatype-com-3567 173 22 January.25 january.25 NN www-sonatype-com-3567 173 23 This this DT www-sonatype-com-3567 173 24 means mean VBZ www-sonatype-com-3567 173 25 annualized annualize VBN www-sonatype-com-3567 173 26 image image NN www-sonatype-com-3567 173 27 pulls pull NNS www-sonatype-com-3567 173 28 from from IN www-sonatype-com-3567 173 29 the the DT www-sonatype-com-3567 173 30 repository repository NN www-sonatype-com-3567 173 31 should should MD www-sonatype-com-3567 173 32 top top VB www-sonatype-com-3567 173 33 96 96 CD www-sonatype-com-3567 173 34 billion billion CD www-sonatype-com-3567 173 35 this this DT www-sonatype-com-3567 173 36 year.26 year.26 NNP www-sonatype-com-3567 173 37 To to TO www-sonatype-com-3567 173 38 keep keep VB www-sonatype-com-3567 173 39 pace pace NN www-sonatype-com-3567 173 40 with with IN www-sonatype-com-3567 173 41 demand demand NN www-sonatype-com-3567 173 42 , , , www-sonatype-com-3567 173 43 suppliers supplier NNS www-sonatype-com-3567 173 44 pushed push VBD www-sonatype-com-3567 173 45 2.2 2.2 CD www-sonatype-com-3567 173 46 
million million CD www-sonatype-com-3567 173 47 new new JJ www-sonatype-com-3567 173 48 images image NNS www-sonatype-com-3567 173 49 to to IN www-sonatype-com-3567 173 50 DockerHub DockerHub NNP www-sonatype-com-3567 173 51 over over IN www-sonatype-com-3567 173 52 the the DT www-sonatype-com-3567 173 53 past past JJ www-sonatype-com-3567 173 54 year year NN www-sonatype-com-3567 173 55 — — : www-sonatype-com-3567 173 56 up up RB www-sonatype-com-3567 173 57 55 55 CD www-sonatype-com-3567 173 58 % % NN www-sonatype-com-3567 173 59 since since IN www-sonatype-com-3567 173 60 our -PRON- PRP$ www-sonatype-com-3567 173 61 last last JJ www-sonatype-com-3567 173 62 report report NN www-sonatype-com-3567 173 63 . . . www-sonatype-com-3567 174 1 Now now RB www-sonatype-com-3567 174 2 that that IN www-sonatype-com-3567 174 3 we -PRON- PRP www-sonatype-com-3567 174 4 have have VBP www-sonatype-com-3567 174 5 examined examine VBN www-sonatype-com-3567 174 6 supply supply NN www-sonatype-com-3567 174 7 and and CC www-sonatype-com-3567 174 8 demand demand NN www-sonatype-com-3567 174 9 levels level NNS www-sonatype-com-3567 174 10 , , , www-sonatype-com-3567 174 11 our -PRON- PRP$ www-sonatype-com-3567 174 12 next next JJ www-sonatype-com-3567 174 13 chapter chapter NN www-sonatype-com-3567 174 14 aims aim VBZ www-sonatype-com-3567 174 15 to to TO www-sonatype-com-3567 174 16 shed shed VB www-sonatype-com-3567 174 17 light light NN www-sonatype-com-3567 174 18 on on IN www-sonatype-com-3567 174 19 attributes attribute NNS www-sonatype-com-3567 174 20 to to TO www-sonatype-com-3567 174 21 look look VB www-sonatype-com-3567 174 22 for for IN www-sonatype-com-3567 174 23 when when WRB www-sonatype-com-3567 174 24 selecting select VBG www-sonatype-com-3567 174 25 the the DT www-sonatype-com-3567 174 26 best good JJS www-sonatype-com-3567 174 27 open open JJ www-sonatype-com-3567 174 28 source source NN www-sonatype-com-3567 174 29 projects project NNS www-sonatype-com-3567 174 30 
to to TO www-sonatype-com-3567 174 31 rely rely VB www-sonatype-com-3567 174 32 upon upon IN www-sonatype-com-3567 174 33 . . . www-sonatype-com-3567 175 1 ■ ■ NFP www-sonatype-com-3567 175 2 BILLIONS BILLIONS NNP www-sonatype-com-3567 175 3 25B 25b CD www-sonatype-com-3567 175 4 50B 50b CD www-sonatype-com-3567 175 5 75B 75B NNP www-sonatype-com-3567 175 6 100B 100b CD www-sonatype-com-3567 175 7 125B 125b CD www-sonatype-com-3567 175 8 175B 175b CD www-sonatype-com-3567 175 9 200B 200b CD www-sonatype-com-3567 175 10 225B 225b CD www-sonatype-com-3567 175 11 250B 250b CD www-sonatype-com-3567 175 12 275B 275b CD www-sonatype-com-3567 175 13 300B 300b CD www-sonatype-com-3567 175 14 325B 325b CD www-sonatype-com-3567 175 15 350B 350b CD www-sonatype-com-3567 175 16 375B150B 375b150b CD www-sonatype-com-3567 175 17 2020 2020 CD www-sonatype-com-3567 175 18 ( ( -LRB- www-sonatype-com-3567 175 19 projected project VBN www-sonatype-com-3567 175 20 ) ) -RRB- www-sonatype-com-3567 175 21 Number Number NNP www-sonatype-com-3567 175 22 of of IN www-sonatype-com-3567 175 23 Download Download NNP www-sonatype-com-3567 175 24 Requests Requests NNPS www-sonatype-com-3567 175 25 for for IN www-sonatype-com-3567 175 26 Java Java NNP www-sonatype-com-3567 175 27 Component Component NNP www-sonatype-com-3567 175 28 Releases Releases NNP www-sonatype-com-3567 175 29 2012 2012 CD www-sonatype-com-3567 175 30 – – : www-sonatype-com-3567 175 31 2020 2020 CD www-sonatype-com-3567 175 32 376B 376b CD www-sonatype-com-3567 175 33 2018 2018 CD www-sonatype-com-3567 175 34 2019 2019 CD www-sonatype-com-3567 175 35 2017 2017 CD www-sonatype-com-3567 175 36 2016 2016 CD www-sonatype-com-3567 175 37 2015 2015 CD www-sonatype-com-3567 175 38 2014 2014 CD www-sonatype-com-3567 175 39 2013 2013 CD www-sonatype-com-3567 175 40 2012 2012 CD www-sonatype-com-3567 175 41 FIGURE FIGURE NNP www-sonatype-com-3567 175 42 2B 2b NN www-sonatype-com-3567 175 43 Number number NN www-sonatype-com-3567 175 
44 of of IN www-sonatype-com-3567 175 45 Download Download NNP www-sonatype-com-3567 175 46 Requests Requests NNPS www-sonatype-com-3567 175 47 for for IN www-sonatype-com-3567 175 48 Java Java NNP www-sonatype-com-3567 175 49 Component Component NNP www-sonatype-com-3567 175 50 Releases Releases NNP www-sonatype-com-3567 175 51 2012 2012 CD www-sonatype-com-3567 175 52 – – : www-sonatype-com-3567 175 53 2020 2020 CD www-sonatype-com-3567 175 54 142020 142020 CD www-sonatype-com-3567 175 55 STATE STATE NNP www-sonatype-com-3567 175 56 OF of IN www-sonatype-com-3567 175 57 THE the DT www-sonatype-com-3567 175 58 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 175 59 SUPPLY supply NN www-sonatype-com-3567 175 60 CHAIN chain NN www-sonatype-com-3567 175 61 REPORT report NN www-sonatype-com-3567 175 62 C c NN www-sonatype-com-3567 175 63 H h NN www-sonatype-com-3567 175 64 A a NN www-sonatype-com-3567 175 65 P p NN www-sonatype-com-3567 175 66 T t NN www-sonatype-com-3567 175 67 E e NN www-sonatype-com-3567 175 68 R r NN www-sonatype-com-3567 175 69 2 2 CD www-sonatype-com-3567 175 70 : : : www-sonatype-com-3567 175 71 O o NN www-sonatype-com-3567 175 72 P p NN www-sonatype-com-3567 175 73 E e NN www-sonatype-com-3567 175 74 N n NN www-sonatype-com-3567 175 75 S s NN www-sonatype-com-3567 175 76 O o NN www-sonatype-com-3567 175 77 U u NN www-sonatype-com-3567 175 78 R r NN www-sonatype-com-3567 175 79 C c NN www-sonatype-com-3567 175 80 E e NN www-sonatype-com-3567 175 81 : : : www-sonatype-com-3567 175 82 S s NN www-sonatype-com-3567 175 83 U u NN www-sonatype-com-3567 175 84 P p NN www-sonatype-com-3567 175 85 P p NN www-sonatype-com-3567 175 86 LY ly NN www-sonatype-com-3567 175 87 A a NN www-sonatype-com-3567 175 88 N n NN www-sonatype-com-3567 175 89 D d NN www-sonatype-com-3567 175 90 D d NN www-sonatype-com-3567 175 91 E e NN www-sonatype-com-3567 175 92 M m NN www-sonatype-com-3567 175 93 A A NNP www-sonatype-com-3567 175 94 N N NNP www-sonatype-com-3567 175 95 D d 
NN www-sonatype-com-3567 175 96 CHAPTER chapter NN www-sonatype-com-3567 175 97 3 3 CD www-sonatype-com-3567 175 98 Identifying identify VBG www-sonatype-com-3567 175 99 Exemplary Exemplary NNP www-sonatype-com-3567 175 100 Open Open NNP www-sonatype-com-3567 175 101 Source source NN www-sonatype-com-3567 175 102 Suppliers supplier NNS www-sonatype-com-3567 175 103 Researching research VBG www-sonatype-com-3567 175 104 the the DT www-sonatype-com-3567 175 105 Best good JJS www-sonatype-com-3567 175 106 Performing performing JJ www-sonatype-com-3567 175 107 OSS oss NN www-sonatype-com-3567 175 108 Projects project NNS www-sonatype-com-3567 175 109 To to TO www-sonatype-com-3567 175 110 better well RBR www-sonatype-com-3567 175 111 understand understand VB www-sonatype-com-3567 175 112 the the DT www-sonatype-com-3567 175 113 health health NN www-sonatype-com-3567 175 114 and and CC www-sonatype-com-3567 175 115 habits habit NNS www-sonatype-com-3567 175 116 of of IN www-sonatype-com-3567 175 117 the the DT www-sonatype-com-3567 175 118 open open JJ www-sonatype-com-3567 175 119 source source NN www-sonatype-com-3567 175 120 component component NN www-sonatype-com-3567 175 121 ecosystem ecosystem NNP www-sonatype-com-3567 175 122 , , , www-sonatype-com-3567 175 123 we -PRON- PRP www-sonatype-com-3567 175 124 researched research VBD www-sonatype-com-3567 175 125 thousands thousand NNS www-sonatype-com-3567 175 126 of of IN www-sonatype-com-3567 175 127 Java Java NNP www-sonatype-com-3567 175 128 components component NNS www-sonatype-com-3567 175 129 housed house VBN www-sonatype-com-3567 175 130 in in IN www-sonatype-com-3567 175 131 The the DT www-sonatype-com-3567 175 132 Central Central NNP www-sonatype-com-3567 175 133 Repository Repository NNP www-sonatype-com-3567 175 134 ( ( -LRB- www-sonatype-com-3567 175 135 “ " `` www-sonatype-com-3567 175 136 Maven Maven NNP www-sonatype-com-3567 175 137 Central Central NNP www-sonatype-com-3567 175 138 ” " '' 
www-sonatype-com-3567 175 139 ) ) -RRB- www-sonatype-com-3567 175 140 to to TO www-sonatype-com-3567 175 141 help help VB www-sonatype-com-3567 175 142 answer answer VB www-sonatype-com-3567 175 143 the the DT www-sonatype-com-3567 175 144 following follow VBG www-sonatype-com-3567 175 145 questions question NNS www-sonatype-com-3567 175 146 : : : www-sonatype-com-3567 175 147 ⊲ ⊲ NFP www-sonatype-com-3567 175 148 Do do VBP www-sonatype-com-3567 175 149 differences difference NNS www-sonatype-com-3567 175 150 exist exist VB www-sonatype-com-3567 175 151 in in IN www-sonatype-com-3567 175 152 how how WRB www-sonatype-com-3567 175 153 effectively effectively RB www-sonatype-com-3567 175 154 OSS oss NN www-sonatype-com-3567 175 155 projects project NNS www-sonatype-com-3567 175 156 update update VBP www-sonatype-com-3567 175 157 their -PRON- PRP$ www-sonatype-com-3567 175 158 dependencies dependency NNS www-sonatype-com-3567 175 159 and and CC www-sonatype-com-3567 175 160 fix fix NN www-sonatype-com-3567 175 161 vulnerabilities vulnerability NNS www-sonatype-com-3567 175 162 ? ? . www-sonatype-com-3567 176 1 Are be VBP www-sonatype-com-3567 176 2 there there EX www-sonatype-com-3567 176 3 exemplary exemplary JJ www-sonatype-com-3567 176 4 components component NNS www-sonatype-com-3567 176 5 that that WDT www-sonatype-com-3567 176 6 do do VBP www-sonatype-com-3567 176 7 this this DT www-sonatype-com-3567 176 8 better well JJR www-sonatype-com-3567 176 9 than than IN www-sonatype-com-3567 176 10 others other NNS www-sonatype-com-3567 176 11 ? ? . 
www-sonatype-com-3567 177 1 ⊲ ⊲ NFP www-sonatype-com-3567 177 2 Are be VBP www-sonatype-com-3567 177 3 exemplary exemplary JJ www-sonatype-com-3567 177 4 components component NNS www-sonatype-com-3567 177 5 more more RBR www-sonatype-com-3567 177 6 widely widely RB www-sonatype-com-3567 177 7 - - HYPH www-sonatype-com-3567 177 8 used use VBN www-sonatype-com-3567 177 9 than than IN www-sonatype-com-3567 177 10 “ " `` www-sonatype-com-3567 177 11 non non JJ www-sonatype-com-3567 177 12 - - JJ www-sonatype-com-3567 177 13 exemplary exemplary JJ www-sonatype-com-3567 177 14 ” " '' www-sonatype-com-3567 177 15 components component NNS www-sonatype-com-3567 177 16 ? ? . www-sonatype-com-3567 178 1 ⊲ ⊲ NFP www-sonatype-com-3567 178 2 What what WDT www-sonatype-com-3567 178 3 factors factor NNS www-sonatype-com-3567 178 4 correlate correlate VBP www-sonatype-com-3567 178 5 with with IN www-sonatype-com-3567 178 6 exemplary exemplary JJ www-sonatype-com-3567 178 7 components component NNS www-sonatype-com-3567 178 8 ? ? . 
www-sonatype-com-3567 179 1 Components component NNS www-sonatype-com-3567 179 2 included include VBN www-sonatype-com-3567 179 3 in in IN www-sonatype-com-3567 179 4 the the DT www-sonatype-com-3567 179 5 research research NN www-sonatype-com-3567 179 6 had have VBD www-sonatype-com-3567 179 7 to to TO www-sonatype-com-3567 179 8 meet meet VB www-sonatype-com-3567 179 9 the the DT www-sonatype-com-3567 179 10 following follow VBG www-sonatype-com-3567 179 11 criteria criterion NNS www-sonatype-com-3567 179 12 : : : www-sonatype-com-3567 179 13 ⊲ ⊲ CD www-sonatype-com-3567 179 14 Published publish VBN www-sonatype-com-3567 179 15 to to IN www-sonatype-com-3567 179 16 the the DT www-sonatype-com-3567 179 17 Central Central NNP www-sonatype-com-3567 179 18 Repository Repository NNP www-sonatype-com-3567 179 19 ⊲ ⊲ NNS www-sonatype-com-3567 179 20 Released release VBN www-sonatype-com-3567 179 21 at at RB www-sonatype-com-3567 179 22 least least RBS www-sonatype-com-3567 179 23 two two CD www-sonatype-com-3567 179 24 versions version NNS www-sonatype-com-3567 179 25 ⊲ ⊲ CD www-sonatype-com-3567 179 26 Represented represent VBN www-sonatype-com-3567 179 27 in in IN www-sonatype-com-3567 179 28 the the DT www-sonatype-com-3567 179 29 open open JJ www-sonatype-com-3567 179 30 source source NN www-sonatype-com-3567 179 31 supply supply NN www-sonatype-com-3567 179 32 chain chain NN www-sonatype-com-3567 179 33 ( ( -LRB- www-sonatype-com-3567 179 34 e.g. e.g. 
RB www-sonatype-com-3567 179 35 , , , www-sonatype-com-3567 179 36 is be VBZ www-sonatype-com-3567 179 37 itself -PRON- PRP www-sonatype-com-3567 179 38 a a DT www-sonatype-com-3567 179 39 dependency dependency NN www-sonatype-com-3567 179 40 , , , www-sonatype-com-3567 179 41 or or CC www-sonatype-com-3567 179 42 has have VBZ www-sonatype-com-3567 179 43 a a DT www-sonatype-com-3567 179 44 dependency dependency NN www-sonatype-com-3567 179 45 ) ) -RRB- www-sonatype-com-3567 179 46 ⊲ ⊲ NFP www-sonatype-com-3567 179 47 Followed follow VBD www-sonatype-com-3567 179 48 the the DT www-sonatype-com-3567 179 49 Maven Maven NNP www-sonatype-com-3567 179 50 standard standard NN www-sonatype-com-3567 179 51 for for IN www-sonatype-com-3567 179 52 versioning versioning NN www-sonatype-com-3567 179 53 ( ( -LRB- www-sonatype-com-3567 179 54 e.g. e.g. RB www-sonatype-com-3567 179 55 , , , www-sonatype-com-3567 179 56 correct correct JJ www-sonatype-com-3567 179 57 use use NN www-sonatype-com-3567 179 58 of of IN www-sonatype-com-3567 179 59 numeric numeric JJ www-sonatype-com-3567 179 60 version version NN www-sonatype-com-3567 179 61 strings string NNS www-sonatype-com-3567 179 62 , , , www-sonatype-com-3567 179 63 compo- compo- NN www-sonatype-com-3567 179 64 nents nent NNS www-sonatype-com-3567 179 65 separated separate VBN www-sonatype-com-3567 179 66 by by IN www-sonatype-com-3567 179 67 dots dot NNS www-sonatype-com-3567 179 68 ) ) -RRB- www-sonatype-com-3567 179 69 ⊲ ⊲ NFP www-sonatype-com-3567 179 70 Has Has NNP www-sonatype-com-3567 179 71 dependencies dependency NNS www-sonatype-com-3567 179 72 satisfying satisfy VBG www-sonatype-com-3567 179 73 all all DT www-sonatype-com-3567 179 74 of of IN www-sonatype-com-3567 179 75 the the DT www-sonatype-com-3567 179 76 above above JJ www-sonatype-com-3567 179 77 ⊲ ⊲ CD www-sonatype-com-3567 179 78 Has have VBZ www-sonatype-com-3567 179 79 updated update VBN www-sonatype-com-3567 179 80 a a DT www-sonatype-com-3567 179 81 
dependency dependency NN www-sonatype-com-3567 179 82 at at IN www-sonatype-com-3567 179 83 least least JJS www-sonatype-com-3567 179 84 once once RB www-sonatype-com-3567 179 85 With with IN www-sonatype-com-3567 179 86 a a DT www-sonatype-com-3567 179 87 final final JJ www-sonatype-com-3567 179 88 data data NN www-sonatype-com-3567 179 89 set set NN www-sonatype-com-3567 179 90 of of IN www-sonatype-com-3567 179 91 24,053 24,053 CD www-sonatype-com-3567 179 92 components component NNS www-sonatype-com-3567 179 93 , , , www-sonatype-com-3567 179 94 we -PRON- PRP www-sonatype-com-3567 179 95 examined examine VBD www-sonatype-com-3567 179 96 a a DT www-sonatype-com-3567 179 97 number number NN www-sonatype-com-3567 179 98 of of IN www-sonatype-com-3567 179 99 attributes attribute NNS www-sonatype-com-3567 179 100 to to TO www-sonatype-com-3567 179 101 identify identify VB www-sonatype-com-3567 179 102 relative relative JJ www-sonatype-com-3567 179 103 hygiene hygiene NN www-sonatype-com-3567 179 104 across across IN www-sonatype-com-3567 179 105 open open JJ www-sonatype-com-3567 179 106 source source NN www-sonatype-com-3567 179 107 projects project NNS www-sonatype-com-3567 179 108 including include VBG www-sonatype-com-3567 179 109 , , , www-sonatype-com-3567 179 110 responsiveness responsiveness RB www-sonatype-com-3567 179 111 to to IN www-sonatype-com-3567 179 112 reported report VBN www-sonatype-com-3567 179 113 security security NN www-sonatype-com-3567 179 114 vulnerabil- vulnerabil- JJ www-sonatype-com-3567 179 115 ities itie NNS www-sonatype-com-3567 179 116 , , , www-sonatype-com-3567 179 117 number number NN www-sonatype-com-3567 179 118 of of IN www-sonatype-com-3567 179 119 dependencies dependency NNS www-sonatype-com-3567 179 120 , , , www-sonatype-com-3567 179 121 number number NN www-sonatype-com-3567 179 122 of of IN www-sonatype-com-3567 179 123 stale stale JJ www-sonatype-com-3567 179 124 dependencies dependency NNS www-sonatype-com-3567 179 125 
, , , www-sonatype-com-3567 179 126 frequency frequency NN www-sonatype-com-3567 179 127 of of IN www-sonatype-com-3567 179 128 releases release NNS www-sonatype-com-3567 179 129 , , , www-sonatype-com-3567 179 130 popularity popularity NN www-sonatype-com-3567 179 131 , , , www-sonatype-com-3567 179 132 number number NN www-sonatype-com-3567 179 133 of of IN www-sonatype-com-3567 179 134 commits commit NNS www-sonatype-com-3567 179 135 per per IN www-sonatype-com-3567 179 136 month month NN www-sonatype-com-3567 179 137 , , , www-sonatype-com-3567 179 138 developer developer NN www-sonatype-com-3567 179 139 team team NN www-sonatype-com-3567 179 140 size size NN www-sonatype-com-3567 179 141 , , , www-sonatype-com-3567 179 142 presence presence NN www-sonatype-com-3567 179 143 of of IN www-sonatype-com-3567 179 144 continuous continuous JJ www-sonatype-com-3567 179 145 integration integration NN www-sonatype-com-3567 179 146 , , , www-sonatype-com-3567 179 147 and and CC www-sonatype-com-3567 179 148 support support NN www-sonatype-com-3567 179 149 type type NN www-sonatype-com-3567 179 150 ( ( -LRB- www-sonatype-com-3567 179 151 foundation foundation NN www-sonatype-com-3567 179 152 , , , www-sonatype-com-3567 179 153 commercial commercial JJ www-sonatype-com-3567 179 154 , , , www-sonatype-com-3567 179 155 or or CC www-sonatype-com-3567 179 156 other other JJ www-sonatype-com-3567 179 157 ) ) -RRB- www-sonatype-com-3567 179 158 . . . 
www-sonatype-com-3567 180 1 Finding find VBG www-sonatype-com-3567 180 2 Different different JJ www-sonatype-com-3567 180 3 Behavioral Behavioral NNP www-sonatype-com-3567 180 4 Groups Groups NNPS www-sonatype-com-3567 180 5 As as IN www-sonatype-com-3567 180 6 a a DT www-sonatype-com-3567 180 7 result result NN www-sonatype-com-3567 180 8 of of IN www-sonatype-com-3567 180 9 our -PRON- PRP$ www-sonatype-com-3567 180 10 analysis analysis NN www-sonatype-com-3567 180 11 , , , www-sonatype-com-3567 180 12 we -PRON- PRP www-sonatype-com-3567 180 13 identified identify VBD www-sonatype-com-3567 180 14 five five CD www-sonatype-com-3567 180 15 clusters cluster NNS www-sonatype-com-3567 180 16 representing represent VBG www-sonatype-com-3567 180 17 8,201 8,201 CD www-sonatype-com-3567 180 18 open open JJ www-sonatype-com-3567 180 19 source source NN www-sonatype-com-3567 180 20 projects project NNS www-sonatype-com-3567 180 21 ( ( -LRB- www-sonatype-com-3567 180 22 FIGURE FIGURE NNP www-sonatype-com-3567 180 23 3A 3A NNP www-sonatype-com-3567 180 24 ) ) -RRB- www-sonatype-com-3567 180 25 . . . 
www-sonatype-com-3567 181 1 Exemplars exemplar VBZ www-sonatype-com-3567 181 2 We -PRON- PRP www-sonatype-com-3567 181 3 defined define VBD www-sonatype-com-3567 181 4 Exemplars Exemplars NNP www-sonatype-com-3567 181 5 to to TO www-sonatype-com-3567 181 6 be be VB www-sonatype-com-3567 181 7 those those DT www-sonatype-com-3567 181 8 teams team NNS www-sonatype-com-3567 181 9 in in IN www-sonatype-com-3567 181 10 the the DT www-sonatype-com-3567 181 11 fastest fast JJS www-sonatype-com-3567 181 12 20 20 CD www-sonatype-com-3567 181 13 % % NN www-sonatype-com-3567 181 14 by by IN www-sonatype-com-3567 181 15 Median median JJ www-sonatype-com-3567 181 16 Time Time NNP www-sonatype-com-3567 181 17 to to IN www-sonatype-com-3567 181 18 Update Update NNP www-sonatype-com-3567 181 19 ( ( -LRB- www-sonatype-com-3567 181 20 MTTU MTTU NNP www-sonatype-com-3567 181 21 ) ) -RRB- www-sonatype-com-3567 181 22 dependencies dependency NNS www-sonatype-com-3567 181 23 , , , www-sonatype-com-3567 181 24 and and CC www-sonatype-com-3567 181 25 in in IN www-sonatype-com-3567 181 26 the the DT www-sonatype-com-3567 181 27 best good JJS www-sonatype-com-3567 181 28 ( ( -LRB- www-sonatype-com-3567 181 29 lowest low JJS www-sonatype-com-3567 181 30 ) ) -RRB- www-sonatype-com-3567 181 31 20 20 CD www-sonatype-com-3567 181 32 % % NN www-sonatype-com-3567 181 33 by by IN www-sonatype-com-3567 181 34 stale stale JJ www-sonatype-com-3567 181 35 dependency dependency NN www-sonatype-com-3567 181 36 count count NN www-sonatype-com-3567 181 37 . . . 
www-sonatype-com-3567 182 1 Exemplars exemplar NNS www-sonatype-com-3567 182 2 demonstrate demonstrate VBP www-sonatype-com-3567 182 3 statistically statistically RB www-sonatype-com-3567 182 4 significant significant JJ www-sonatype-com-3567 182 5 differences difference NNS www-sonatype-com-3567 182 6 as as IN www-sonatype-com-3567 182 7 compared compare VBN www-sonatype-com-3567 182 8 to to IN www-sonatype-com-3567 182 9 the the DT www-sonatype-com-3567 182 10 rest rest NN www-sonatype-com-3567 182 11 of of IN www-sonatype-com-3567 182 12 the the DT www-sonatype-com-3567 182 13 data data NN www-sonatype-com-3567 182 14 set set VBN www-sonatype-com-3567 182 15 in in IN www-sonatype-com-3567 182 16 the the DT www-sonatype-com-3567 182 17 following following JJ www-sonatype-com-3567 182 18 attributes attribute NNS www-sonatype-com-3567 182 19 : : : www-sonatype-com-3567 182 20 ⊲ ⊲ NNS www-sonatype-com-3567 182 21 530x 530x NNS www-sonatype-com-3567 182 22 faster fast JJR www-sonatype-com-3567 182 23 MTTU MTTU NNS www-sonatype-com-3567 182 24 ⊲ ⊲ CD www-sonatype-com-3567 182 25 2.8x 2.8x CD www-sonatype-com-3567 182 26 more more JJR www-sonatype-com-3567 182 27 commits commit NNS www-sonatype-com-3567 182 28 ⊲ ⊲ SYM www-sonatype-com-3567 182 29 1.5x 1.5x CD www-sonatype-com-3567 182 30 more more JJR www-sonatype-com-3567 182 31 frequent frequent JJ www-sonatype-com-3567 182 32 releases release NNS www-sonatype-com-3567 182 33 ⊲ ⊲ SYM www-sonatype-com-3567 182 34 1.4x 1.4x CD www-sonatype-com-3567 182 35 larger large JJR www-sonatype-com-3567 182 36 development development NN www-sonatype-com-3567 182 37 teams team NNS www-sonatype-com-3567 182 38 ⊲ ⊲ NFP www-sonatype-com-3567 182 39 2.9x 2.9x CD www-sonatype-com-3567 182 40 fewer few JJR www-sonatype-com-3567 182 41 dependencies dependency NNS www-sonatype-com-3567 182 42 ⊲ ⊲ SYM www-sonatype-com-3567 182 43 2.5x 2.5x CD www-sonatype-com-3567 182 44 more more RBR www-sonatype-com-3567 182 45 popular popular JJ 
www-sonatype-com-3567 182 46 ⊲ ⊲ CD www-sonatype-com-3567 182 47 173x 173x NNS www-sonatype-com-3567 182 48 less less RBR www-sonatype-com-3567 182 49 likely likely JJ www-sonatype-com-3567 182 50 to to TO www-sonatype-com-3567 182 51 have have VB www-sonatype-com-3567 182 52 at at RB www-sonatype-com-3567 182 53 least least RBS www-sonatype-com-3567 182 54 one one CD www-sonatype-com-3567 182 55 dependency dependency NN www-sonatype-com-3567 182 56 out out IN www-sonatype-com-3567 182 57 of of IN www-sonatype-com-3567 182 58 date date NN www-sonatype-com-3567 182 59 LARGE large JJ www-sonatype-com-3567 182 60 EXEMPLARS exemplar NNS www-sonatype-com-3567 182 61 Large large JJ www-sonatype-com-3567 182 62 exemplary exemplary JJ www-sonatype-com-3567 182 63 teams team NNS www-sonatype-com-3567 182 64 ( ( -LRB- www-sonatype-com-3567 182 65 top top JJ www-sonatype-com-3567 182 66 50 50 CD www-sonatype-com-3567 182 67 % % NN www-sonatype-com-3567 182 68 by by IN www-sonatype-com-3567 182 69 size size NN www-sonatype-com-3567 182 70 , , , www-sonatype-com-3567 182 71 with with IN www-sonatype-com-3567 182 72 an an DT www-sonatype-com-3567 182 73 average average NN www-sonatype-com-3567 182 74 of of IN www-sonatype-com-3567 182 75 8.3 8.3 CD www-sonatype-com-3567 182 76 developers developer NNS www-sonatype-com-3567 182 77 committing commit VBG www-sonatype-com-3567 182 78 code code NN www-sonatype-com-3567 182 79 on on IN www-sonatype-com-3567 182 80 at at RB www-sonatype-com-3567 182 81 least least JJS www-sonatype-com-3567 182 82 a a DT www-sonatype-com-3567 182 83 monthly monthly JJ www-sonatype-com-3567 182 84 basis basis NN www-sonatype-com-3567 182 85 ) ) -RRB- www-sonatype-com-3567 182 86 , , , www-sonatype-com-3567 182 87 commit commit VB www-sonatype-com-3567 182 88 code code NN www-sonatype-com-3567 182 89 frequently frequently RB www-sonatype-com-3567 182 90 , , , www-sonatype-com-3567 182 91 release release VB www-sonatype-com-3567 182 92 frequently 
frequently RB www-sonatype-com-3567 182 93 , , , www-sonatype-com-3567 182 94 and and CC www-sonatype-com-3567 182 95 do do VB www-sonatype-com-3567 182 96 an an DT www-sonatype-com-3567 182 97 excellent excellent JJ www-sonatype-com-3567 182 98 job job NN www-sonatype-com-3567 182 99 of of IN www-sonatype-com-3567 182 100 managing manage VBG www-sonatype-com-3567 182 101 their -PRON- PRP$ www-sonatype-com-3567 182 102 dependencies dependency NNS www-sonatype-com-3567 182 103 . . . www-sonatype-com-3567 183 1 For for IN www-sonatype-com-3567 183 2 example example NN www-sonatype-com-3567 183 3 , , , www-sonatype-com-3567 183 4 we -PRON- PRP www-sonatype-com-3567 183 5 can can MD www-sonatype-com-3567 183 6 see see VB www-sonatype-com-3567 183 7 that that IN www-sonatype-com-3567 183 8 large large JJ www-sonatype-com-3567 183 9 exemplary exemplary JJ www-sonatype-com-3567 183 10 teams team NNS www-sonatype-com-3567 183 11 are be VBP www-sonatype-com-3567 183 12 608x 608x NNS www-sonatype-com-3567 183 13 faster fast RBR www-sonatype-com-3567 183 14 at at IN www-sonatype-com-3567 183 15 updating update VBG www-sonatype-com-3567 183 16 their -PRON- PRP$ www-sonatype-com-3567 183 17 dependencies dependency NNS www-sonatype-com-3567 183 18 and and CC www-sonatype-com-3567 183 19 they -PRON- PRP www-sonatype-com-3567 183 20 release release VBP www-sonatype-com-3567 183 21 2.9x 2.9x CD www-sonatype-com-3567 183 22 more more RBR www-sonatype-com-3567 183 23 frequently frequently RB www-sonatype-com-3567 183 24 than than IN www-sonatype-com-3567 183 25 non non JJ www-sonatype-com-3567 183 26 - - JJ www-sonatype-com-3567 183 27 exemplar exemplar JJ www-sonatype-com-3567 183 28 clusters cluster NNS www-sonatype-com-3567 183 29 . . . 
www-sonatype-com-3567 184 1 We -PRON- PRP www-sonatype-com-3567 184 2 can can MD www-sonatype-com-3567 184 3 see see VB www-sonatype-com-3567 184 4 that that IN www-sonatype-com-3567 184 5 21 21 CD www-sonatype-com-3567 184 6 % % NN www-sonatype-com-3567 184 7 of of IN www-sonatype-com-3567 184 8 these these DT www-sonatype-com-3567 184 9 projects project NNS www-sonatype-com-3567 184 10 are be VBP www-sonatype-com-3567 184 11 associated associate VBN www-sonatype-com-3567 184 12 with with IN www-sonatype-com-3567 184 13 an an DT www-sonatype-com-3567 184 14 open open JJ www-sonatype-com-3567 184 15 source source NN www-sonatype-com-3567 184 16 foundation foundation NN www-sonatype-com-3567 184 17 — — : www-sonatype-com-3567 184 18 a a DT www-sonatype-com-3567 184 19 higher high JJR www-sonatype-com-3567 184 20 representation representation NN www-sonatype-com-3567 184 21 than than IN www-sonatype-com-3567 184 22 any any DT www-sonatype-com-3567 184 23 other other JJ www-sonatype-com-3567 184 24 cluster cluster NN www-sonatype-com-3567 184 25 group group NN www-sonatype-com-3567 184 26 . . . 
www-sonatype-com-3567 185 1 SMALL SMALL NNP www-sonatype-com-3567 185 2 EXEMPLARS EXEMPLARS NNP www-sonatype-com-3567 185 3 The the DT www-sonatype-com-3567 185 4 smallest small JJS www-sonatype-com-3567 185 5 50 50 CD www-sonatype-com-3567 185 6 % % NN www-sonatype-com-3567 185 7 of of IN www-sonatype-com-3567 185 8 exemplary exemplary JJ www-sonatype-com-3567 185 9 teams team NNS www-sonatype-com-3567 185 10 by by IN www-sonatype-com-3567 185 11 number number NN www-sonatype-com-3567 185 12 of of IN www-sonatype-com-3567 185 13 developers developer NNS www-sonatype-com-3567 185 14 have have VBP www-sonatype-com-3567 185 15 an an DT www-sonatype-com-3567 185 16 average average NN www-sonatype-com-3567 185 17 of of IN www-sonatype-com-3567 185 18 less less JJR www-sonatype-com-3567 185 19 than than IN www-sonatype-com-3567 185 20 two two CD www-sonatype-com-3567 185 21 developers developer NNS www-sonatype-com-3567 185 22 , , , www-sonatype-com-3567 185 23 but but CC www-sonatype-com-3567 185 24 still still RB www-sonatype-com-3567 185 25 manage manage VBP www-sonatype-com-3567 185 26 to to TO www-sonatype-com-3567 185 27 run run VB www-sonatype-com-3567 185 28 popular popular JJ www-sonatype-com-3567 185 29 , , , www-sonatype-com-3567 185 30 widely widely RB www-sonatype-com-3567 185 31 SMALL small JJ www-sonatype-com-3567 185 32 EXEMPLAR EXEMPLAR NNP www-sonatype-com-3567 185 33 ( ( -LRB- www-sonatype-com-3567 185 34 329 329 CD www-sonatype-com-3567 185 35 ) ) -RRB- www-sonatype-com-3567 185 36 LARGE large NN www-sonatype-com-3567 185 37 EXEMPLAR EXEMPLAR NNS www-sonatype-com-3567 185 38 ( ( -LRB- www-sonatype-com-3567 185 39 560 560 CD www-sonatype-com-3567 185 40 ) ) -RRB- www-sonatype-com-3567 185 41 LAGGARDS LAGGARDS NNP www-sonatype-com-3567 185 42 ( ( -LRB- www-sonatype-com-3567 185 43 3,040 3,040 CD www-sonatype-com-3567 185 44 ) ) -RRB- www-sonatype-com-3567 185 45 FEATURES FEATURES NNP www-sonatype-com-3567 185 46 FIRST FIRST NNP www-sonatype-com-3567 
185 47 ( ( -LRB- www-sonatype-com-3567 185 48 581 581 CD www-sonatype-com-3567 185 49 ) ) -RRB- www-sonatype-com-3567 185 50 CAUTIOUS CAUTIOUS NNP www-sonatype-com-3567 185 51 ( ( -LRB- www-sonatype-com-3567 185 52 3,691 3,691 CD www-sonatype-com-3567 185 53 ) ) -RRB- www-sonatype-com-3567 185 54 Small small JJ www-sonatype-com-3567 185 55 development development NN www-sonatype-com-3567 185 56 teams team NNS www-sonatype-com-3567 185 57 ( ( -LRB- www-sonatype-com-3567 185 58 1.6 1.6 CD www-sonatype-com-3567 185 59 devs dev NNS www-sonatype-com-3567 185 60 ) ) -RRB- www-sonatype-com-3567 185 61 , , , www-sonatype-com-3567 185 62 exemplary exemplary JJ www-sonatype-com-3567 185 63 MTTU MTTU NNP www-sonatype-com-3567 185 64 , , , www-sonatype-com-3567 185 65 likely likely JJ www-sonatype-com-3567 185 66 to to TO www-sonatype-com-3567 185 67 be be VB www-sonatype-com-3567 185 68 commer- commer- JJ www-sonatype-com-3567 185 69 cially cially RB www-sonatype-com-3567 185 70 supported support VBN www-sonatype-com-3567 185 71 and and CC www-sonatype-com-3567 185 72 4.3x 4.3x CD www-sonatype-com-3567 185 73 more more RBR www-sonatype-com-3567 185 74 popular popular JJ www-sonatype-com-3567 185 75 . . . 
www-sonatype-com-3567 186 1 Large large JJ www-sonatype-com-3567 186 2 development development NN www-sonatype-com-3567 186 3 teams team NNS www-sonatype-com-3567 186 4 ( ( -LRB- www-sonatype-com-3567 186 5 8.3 8.3 CD www-sonatype-com-3567 186 6 devs dev NNS www-sonatype-com-3567 186 7 ) ) -RRB- www-sonatype-com-3567 186 8 , , , www-sonatype-com-3567 186 9 exemplary exemplary JJ www-sonatype-com-3567 186 10 MTTU MTTU NNP www-sonatype-com-3567 186 11 , , , www-sonatype-com-3567 186 12 likely likely JJ www-sonatype-com-3567 186 13 to to TO www-sonatype-com-3567 186 14 be be VB www-sonatype-com-3567 186 15 founda- founda- NNP www-sonatype-com-3567 186 16 tion tion NN www-sonatype-com-3567 186 17 supported support VBD www-sonatype-com-3567 186 18 , , , www-sonatype-com-3567 186 19 2.5x 2.5x CD www-sonatype-com-3567 186 20 more more RBR www-sonatype-com-3567 186 21 popular popular JJ www-sonatype-com-3567 186 22 . . . www-sonatype-com-3567 187 1 Poor poor JJ www-sonatype-com-3567 187 2 MTTU MTTU NNS www-sonatype-com-3567 187 3 , , , www-sonatype-com-3567 187 4 high high JJ www-sonatype-com-3567 187 5 stale stale JJ www-sonatype-com-3567 187 6 dependency dependency NN www-sonatype-com-3567 187 7 count count NN www-sonatype-com-3567 187 8 , , , www-sonatype-com-3567 187 9 more more RBR www-sonatype-com-3567 187 10 likely likely JJ www-sonatype-com-3567 187 11 to to TO www-sonatype-com-3567 187 12 be be VB www-sonatype-com-3567 187 13 commercially commercially RB www-sonatype-com-3567 187 14 supported support VBN www-sonatype-com-3567 187 15 . . . www-sonatype-com-3567 188 1 Frequent frequent JJ www-sonatype-com-3567 188 2 releases release NNS www-sonatype-com-3567 188 3 , , , www-sonatype-com-3567 188 4 but but CC www-sonatype-com-3567 188 5 poor poor JJ www-sonatype-com-3567 188 6 TTU TTU NNP www-sonatype-com-3567 188 7 . . . 
www-sonatype-com-3567 189 1 Still still RB www-sonatype-com-3567 189 2 reasonably reasonably RB www-sonatype-com-3567 189 3 popular popular JJ www-sonatype-com-3567 189 4 . . . www-sonatype-com-3567 190 1 Good good JJ www-sonatype-com-3567 190 2 TTU TTU NNP www-sonatype-com-3567 190 3 , , , www-sonatype-com-3567 190 4 but but CC www-sonatype-com-3567 190 5 seldom seldom RB www-sonatype-com-3567 190 6 completely completely RB www-sonatype-com-3567 190 7 up up IN www-sonatype-com-3567 190 8 to to IN www-sonatype-com-3567 190 9 date date NN www-sonatype-com-3567 190 10 . . . www-sonatype-com-3567 191 1 FIGURE FIGURE NNP www-sonatype-com-3567 191 2 3A 3A NNP www-sonatype-com-3567 191 3 Large large JJ www-sonatype-com-3567 191 4 exemplars exemplar NNS www-sonatype-com-3567 191 5 are be VBP www-sonatype-com-3567 191 6 608x 608x NNS www-sonatype-com-3567 191 7 faster fast RBR www-sonatype-com-3567 191 8 at at IN www-sonatype-com-3567 191 9 updating update VBG www-sonatype-com-3567 191 10 their -PRON- PRP$ www-sonatype-com-3567 191 11 dependencies dependency NNS www-sonatype-com-3567 191 12 and and CC www-sonatype-com-3567 191 13 they -PRON- PRP www-sonatype-com-3567 191 14 release release VBP www-sonatype-com-3567 191 15 2.9x 2.9x CD www-sonatype-com-3567 191 16 more more RBR www-sonatype-com-3567 191 17 frequently frequently RB www-sonatype-com-3567 191 18 than than IN www-sonatype-com-3567 191 19 non non JJ www-sonatype-com-3567 191 20 - - JJ www-sonatype-com-3567 191 21 exemplar exemplar JJ www-sonatype-com-3567 191 22 clusters cluster NNS www-sonatype-com-3567 191 23 . . . 
www-sonatype-com-3567 192 1 162020 162020 CD www-sonatype-com-3567 192 2 STATE STATE NNP www-sonatype-com-3567 192 3 OF of IN www-sonatype-com-3567 192 4 THE the DT www-sonatype-com-3567 192 5 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 192 6 SUPPLY supply NN www-sonatype-com-3567 192 7 CHAIN chain NN www-sonatype-com-3567 192 8 REPORT report NN www-sonatype-com-3567 192 9 C c NN www-sonatype-com-3567 192 10 H h NN www-sonatype-com-3567 192 11 A a NN www-sonatype-com-3567 192 12 P p NN www-sonatype-com-3567 192 13 T t NN www-sonatype-com-3567 192 14 E e NN www-sonatype-com-3567 192 15 R r NN www-sonatype-com-3567 192 16 3 3 CD www-sonatype-com-3567 192 17 : : : www-sonatype-com-3567 192 18 ID ID NNP www-sonatype-com-3567 192 19 E e NN www-sonatype-com-3567 192 20 N n NN www-sonatype-com-3567 192 21 T t NN www-sonatype-com-3567 192 22 IF if IN www-sonatype-com-3567 192 23 Y y NN www-sonatype-com-3567 192 24 IN in IN www-sonatype-com-3567 192 25 G g NN www-sonatype-com-3567 192 26 E e NN www-sonatype-com-3567 192 27 X x NN www-sonatype-com-3567 192 28 E e NN www-sonatype-com-3567 192 29 M m NN www-sonatype-com-3567 192 30 P p NN www-sonatype-com-3567 192 31 L l NN www-sonatype-com-3567 192 32 A a NN www-sonatype-com-3567 192 33 R r NN www-sonatype-com-3567 192 34 Y y NN www-sonatype-com-3567 192 35 O o NN www-sonatype-com-3567 192 36 P p NN www-sonatype-com-3567 192 37 E e NN www-sonatype-com-3567 192 38 N n NN www-sonatype-com-3567 192 39 S s NN www-sonatype-com-3567 192 40 O o NN www-sonatype-com-3567 192 41 U u NN www-sonatype-com-3567 192 42 R r NN www-sonatype-com-3567 192 43 C c NN www-sonatype-com-3567 192 44 E e NN www-sonatype-com-3567 192 45 S s NN www-sonatype-com-3567 192 46 U u NN www-sonatype-com-3567 192 47 P p NN www-sonatype-com-3567 192 48 P p NN www-sonatype-com-3567 192 49 L l NN www-sonatype-com-3567 192 50 IE IE NNP www-sonatype-com-3567 192 51 R R NNP www-sonatype-com-3567 192 52 S S NNP www-sonatype-com-3567 192 53 used use VBN 
www-sonatype-com-3567 192 54 , , , www-sonatype-com-3567 192 55 and and CC www-sonatype-com-3567 192 56 high high JJ www-sonatype-com-3567 192 57 quality quality NN www-sonatype-com-3567 192 58 projects project NNS www-sonatype-com-3567 192 59 . . . www-sonatype-com-3567 193 1 However however WRB www-sonatype-com-3567 193 2 small small JJ www-sonatype-com-3567 193 3 in in IN www-sonatype-com-3567 193 4 team team NN www-sonatype-com-3567 193 5 size size NN www-sonatype-com-3567 193 6 , , , www-sonatype-com-3567 193 7 they -PRON- PRP www-sonatype-com-3567 193 8 still still RB www-sonatype-com-3567 193 9 update update VBP www-sonatype-com-3567 193 10 dependencies dependency NNS www-sonatype-com-3567 193 11 475x 475x NNS www-sonatype-com-3567 193 12 faster fast RBR www-sonatype-com-3567 193 13 than than IN www-sonatype-com-3567 193 14 the the DT www-sonatype-com-3567 193 15 rest rest NN www-sonatype-com-3567 193 16 of of IN www-sonatype-com-3567 193 17 the the DT www-sonatype-com-3567 193 18 population population NN www-sonatype-com-3567 193 19 and and CC www-sonatype-com-3567 193 20 are be VBP www-sonatype-com-3567 193 21 4.3x 4.3x CD www-sonatype-com-3567 193 22 more more RBR www-sonatype-com-3567 193 23 popular popular JJ www-sonatype-com-3567 193 24 by by IN www-sonatype-com-3567 193 25 download download NN www-sonatype-com-3567 193 26 count count NN www-sonatype-com-3567 193 27 compared compare VBN www-sonatype-com-3567 193 28 to to IN www-sonatype-com-3567 193 29 the the DT www-sonatype-com-3567 193 30 Laggards Laggards NNP www-sonatype-com-3567 193 31 and and CC www-sonatype-com-3567 193 32 Cautious cautious JJ www-sonatype-com-3567 193 33 teams team NNS www-sonatype-com-3567 193 34 . . . 
www-sonatype-com-3567 194 1 Small small JJ www-sonatype-com-3567 194 2 projects project NNS www-sonatype-com-3567 194 3 were be VBD www-sonatype-com-3567 194 4 also also RB www-sonatype-com-3567 194 5 7x 7x CD www-sonatype-com-3567 194 6 more more RBR www-sonatype-com-3567 194 7 likely likely JJ www-sonatype-com-3567 194 8 to to TO www-sonatype-com-3567 194 9 be be VB www-sonatype-com-3567 194 10 commercially commercially RB www-sonatype-com-3567 194 11 supported support VBN www-sonatype-com-3567 194 12 versus versus IN www-sonatype-com-3567 194 13 open open JJ www-sonatype-com-3567 194 14 source source NN www-sonatype-com-3567 194 15 foundation foundation NN www-sonatype-com-3567 194 16 supported support VBD www-sonatype-com-3567 194 17 . . . www-sonatype-com-3567 195 1 Laggards Laggards NNP www-sonatype-com-3567 195 2 The the DT www-sonatype-com-3567 195 3 teams team NNS www-sonatype-com-3567 195 4 in in IN www-sonatype-com-3567 195 5 the the DT www-sonatype-com-3567 195 6 bottom bottom JJ www-sonatype-com-3567 195 7 20 20 CD www-sonatype-com-3567 195 8 % % NN www-sonatype-com-3567 195 9 in in IN www-sonatype-com-3567 195 10 MTTU MTTU NNP www-sonatype-com-3567 195 11 and and CC www-sonatype-com-3567 195 12 stale stale JJ www-sonatype-com-3567 195 13 dependencies dependency NNS www-sonatype-com-3567 195 14 are be VBP www-sonatype-com-3567 195 15 the the DT www-sonatype-com-3567 195 16 furthest furth JJS www-sonatype-com-3567 195 17 behind behind RB www-sonatype-com-3567 195 18 in in IN www-sonatype-com-3567 195 19 terms term NNS www-sonatype-com-3567 195 20 of of IN www-sonatype-com-3567 195 21 update update NN www-sonatype-com-3567 195 22 hygiene hygiene NN www-sonatype-com-3567 195 23 . . . 
www-sonatype-com-3567 196 1 These these DT www-sonatype-com-3567 196 2 teams team NNS www-sonatype-com-3567 196 3 release release VBP www-sonatype-com-3567 196 4 infrequently infrequently RB www-sonatype-com-3567 196 5 ( ( -LRB- www-sonatype-com-3567 196 6 around around IN www-sonatype-com-3567 196 7 twice twice PDT www-sonatype-com-3567 196 8 each each DT www-sonatype-com-3567 196 9 year year NN www-sonatype-com-3567 196 10 ) ) -RRB- www-sonatype-com-3567 196 11 and and CC www-sonatype-com-3567 196 12 take take VB www-sonatype-com-3567 196 13 on on RP www-sonatype-com-3567 196 14 average average NN www-sonatype-com-3567 196 15 almost almost RB www-sonatype-com-3567 196 16 two two CD www-sonatype-com-3567 196 17 years year NNS www-sonatype-com-3567 196 18 to to TO www-sonatype-com-3567 196 19 adopt adopt VB www-sonatype-com-3567 196 20 updates update NNS www-sonatype-com-3567 196 21 to to TO www-sonatype-com-3567 196 22 depen- depen- VB www-sonatype-com-3567 196 23 dencies dencie NNS www-sonatype-com-3567 196 24 . . . www-sonatype-com-3567 197 1 The the DT www-sonatype-com-3567 197 2 average average JJ www-sonatype-com-3567 197 3 period period NN www-sonatype-com-3567 197 4 at at RB www-sonatype-com-3567 197 5 least least JJS www-sonatype-com-3567 197 6 one one CD www-sonatype-com-3567 197 7 of of IN www-sonatype-com-3567 197 8 their -PRON- PRP$ www-sonatype-com-3567 197 9 dependencies dependency NNS www-sonatype-com-3567 197 10 is be VBZ www-sonatype-com-3567 197 11 out out IN www-sonatype-com-3567 197 12 of of IN www-sonatype-com-3567 197 13 date date NN www-sonatype-com-3567 197 14 is be VBZ www-sonatype-com-3567 197 15 203 203 CD www-sonatype-com-3567 197 16 days day NNS www-sonatype-com-3567 197 17 . . . 
www-sonatype-com-3567 198 1 They -PRON- PRP www-sonatype-com-3567 198 2 are be VBP www-sonatype-com-3567 198 3 1.7x 1.7x CD www-sonatype-com-3567 198 4 less less RBR www-sonatype-com-3567 198 5 popular popular JJ www-sonatype-com-3567 198 6 ( ( -LRB- www-sonatype-com-3567 198 7 not not RB www-sonatype-com-3567 198 8 downloaded download VBN www-sonatype-com-3567 198 9 as as RB www-sonatype-com-3567 198 10 often often RB www-sonatype-com-3567 198 11 as as IN www-sonatype-com-3567 198 12 other other JJ www-sonatype-com-3567 198 13 projects project NNS www-sonatype-com-3567 198 14 on on IN www-sonatype-com-3567 198 15 average average JJ www-sonatype-com-3567 198 16 ) ) -RRB- www-sonatype-com-3567 198 17 . . . www-sonatype-com-3567 199 1 However however RB www-sonatype-com-3567 199 2 , , , www-sonatype-com-3567 199 3 there there EX www-sonatype-com-3567 199 4 are be VBP www-sonatype-com-3567 199 5 288 288 CD www-sonatype-com-3567 199 6 proj- proj- NN www-sonatype-com-3567 199 7 ects ect NNS www-sonatype-com-3567 199 8 in in IN www-sonatype-com-3567 199 9 this this DT www-sonatype-com-3567 199 10 group group NN www-sonatype-com-3567 199 11 that that WDT www-sonatype-com-3567 199 12 are be VBP www-sonatype-com-3567 199 13 among among IN www-sonatype-com-3567 199 14 the the DT www-sonatype-com-3567 199 15 top top JJ www-sonatype-com-3567 199 16 10 10 CD www-sonatype-com-3567 199 17 % % NN www-sonatype-com-3567 199 18 most most RBS www-sonatype-com-3567 199 19 downloaded downloaded JJ www-sonatype-com-3567 199 20 projects project NNS www-sonatype-com-3567 199 21 from from IN www-sonatype-com-3567 199 22 The the DT www-sonatype-com-3567 199 23 Central Central NNP www-sonatype-com-3567 199 24 Repository Repository NNP www-sonatype-com-3567 199 25 . . . 
www-sonatype-com-3567 200 1 This this DT www-sonatype-com-3567 200 2 group group NN www-sonatype-com-3567 200 3 represented represent VBD www-sonatype-com-3567 200 4 37 37 CD www-sonatype-com-3567 200 5 % % NN www-sonatype-com-3567 200 6 of of IN www-sonatype-com-3567 200 7 our -PRON- PRP$ www-sonatype-com-3567 200 8 dataset dataset NN www-sonatype-com-3567 200 9 . . . www-sonatype-com-3567 201 1 FEATURES FEATURES NNP www-sonatype-com-3567 201 2 FIRST FIRST NNP www-sonatype-com-3567 201 3 LAGGARDS laggard VBD www-sonatype-com-3567 201 4 These these DT www-sonatype-com-3567 201 5 teams team NNS www-sonatype-com-3567 201 6 release release VBP www-sonatype-com-3567 201 7 frequently frequently RB www-sonatype-com-3567 201 8 ( ( -LRB- www-sonatype-com-3567 201 9 top top JJ www-sonatype-com-3567 201 10 50 50 CD www-sonatype-com-3567 201 11 % % NN www-sonatype-com-3567 201 12 ) ) -RRB- www-sonatype-com-3567 201 13 but but CC www-sonatype-com-3567 201 14 otherwise otherwise RB www-sonatype-com-3567 201 15 fall fall VB www-sonatype-com-3567 201 16 into into IN www-sonatype-com-3567 201 17 the the DT www-sonatype-com-3567 201 18 Laggard Laggard NNP www-sonatype-com-3567 201 19 category category NN www-sonatype-com-3567 201 20 ( ( -LRB- www-sonatype-com-3567 201 21 bottom bottom JJ www-sonatype-com-3567 201 22 20 20 CD www-sonatype-com-3567 201 23 % % NN www-sonatype-com-3567 201 24 MTTU MTTU NNS www-sonatype-com-3567 201 25 and and CC www-sonatype-com-3567 201 26 stale stale JJ www-sonatype-com-3567 201 27 dependencies dependency NNS www-sonatype-com-3567 201 28 ) ) -RRB- www-sonatype-com-3567 201 29 . . . 
www-sonatype-com-3567 202 1 They -PRON- PRP www-sonatype-com-3567 202 2 have have VBP www-sonatype-com-3567 202 3 larger large JJR www-sonatype-com-3567 202 4 than than IN www-sonatype-com-3567 202 5 average average JJ www-sonatype-com-3567 202 6 ( ( -LRB- www-sonatype-com-3567 202 7 2.4x 2.4x CD www-sonatype-com-3567 202 8 larger large JJR www-sonatype-com-3567 202 9 ) ) -RRB- www-sonatype-com-3567 202 10 development development NN www-sonatype-com-3567 202 11 teams team NNS www-sonatype-com-3567 202 12 than than IN www-sonatype-com-3567 202 13 other other JJ www-sonatype-com-3567 202 14 Laggards Laggards NNPS www-sonatype-com-3567 202 15 , , , www-sonatype-com-3567 202 16 but but CC www-sonatype-com-3567 202 17 do do VBP www-sonatype-com-3567 202 18 not not RB www-sonatype-com-3567 202 19 prioritize prioritize VB www-sonatype-com-3567 202 20 upgrading upgrade VBG www-sonatype-com-3567 202 21 dependencies dependency NNS www-sonatype-com-3567 202 22 . . . www-sonatype-com-3567 203 1 They -PRON- PRP www-sonatype-com-3567 203 2 release release VBP www-sonatype-com-3567 203 3 a a DT www-sonatype-com-3567 203 4 new new JJ www-sonatype-com-3567 203 5 version version NN www-sonatype-com-3567 203 6 every every DT www-sonatype-com-3567 203 7 29 29 CD www-sonatype-com-3567 203 8 days day NNS www-sonatype-com-3567 203 9 on on IN www-sonatype-com-3567 203 10 average average JJ www-sonatype-com-3567 203 11 , , , www-sonatype-com-3567 203 12 but but CC www-sonatype-com-3567 203 13 take take VB www-sonatype-com-3567 203 14 an an DT www-sonatype-com-3567 203 15 average average NN www-sonatype-com-3567 203 16 of of IN www-sonatype-com-3567 203 17 501 501 CD www-sonatype-com-3567 203 18 days day NNS www-sonatype-com-3567 203 19 to to TO www-sonatype-com-3567 203 20 upgrade upgrade VB www-sonatype-com-3567 203 21 dependencies dependency NNS www-sonatype-com-3567 203 22 when when WRB www-sonatype-com-3567 203 23 new new JJ www-sonatype-com-3567 203 24 versions version NNS 
www-sonatype-com-3567 203 25 are be VBP www-sonatype-com-3567 203 26 released release VBN www-sonatype-com-3567 203 27 . . . www-sonatype-com-3567 204 1 As as IN www-sonatype-com-3567 204 2 a a DT www-sonatype-com-3567 204 3 result result NN www-sonatype-com-3567 204 4 , , , www-sonatype-com-3567 204 5 88 88 CD www-sonatype-com-3567 204 6 % % NN www-sonatype-com-3567 204 7 of of IN www-sonatype-com-3567 204 8 dependencies dependency NNS www-sonatype-com-3567 204 9 are be VBP www-sonatype-com-3567 204 10 out out IN www-sonatype-com-3567 204 11 of of IN www-sonatype-com-3567 204 12 date date NN www-sonatype-com-3567 204 13 at at IN www-sonatype-com-3567 204 14 release release NN www-sonatype-com-3567 204 15 time time NN www-sonatype-com-3567 204 16 . . . www-sonatype-com-3567 205 1 This this DT www-sonatype-com-3567 205 2 was be VBD www-sonatype-com-3567 205 3 a a DT www-sonatype-com-3567 205 4 small small JJ www-sonatype-com-3567 205 5 group group NN www-sonatype-com-3567 205 6 , , , www-sonatype-com-3567 205 7 with with IN www-sonatype-com-3567 205 8 7 7 CD www-sonatype-com-3567 205 9 % % NN www-sonatype-com-3567 205 10 of of IN www-sonatype-com-3567 205 11 the the DT www-sonatype-com-3567 205 12 five five CD www-sonatype-com-3567 205 13 cluster cluster NN www-sonatype-com-3567 205 14 population population NN www-sonatype-com-3567 205 15 exhibiting exhibit VBG www-sonatype-com-3567 205 16 this this DT www-sonatype-com-3567 205 17 behavior behavior NN www-sonatype-com-3567 205 18 . . . 
www-sonatype-com-3567 206 1 Cautious cautious JJ www-sonatype-com-3567 206 2 Teams team NNS www-sonatype-com-3567 206 3 We -PRON- PRP www-sonatype-com-3567 206 4 checked check VBD www-sonatype-com-3567 206 5 to to TO www-sonatype-com-3567 206 6 see see VB www-sonatype-com-3567 206 7 how how WRB www-sonatype-com-3567 206 8 many many JJ www-sonatype-com-3567 206 9 teams team NNS www-sonatype-com-3567 206 10 were be VBD www-sonatype-com-3567 206 11 in in IN www-sonatype-com-3567 206 12 the the DT www-sonatype-com-3567 206 13 top top JJ www-sonatype-com-3567 206 14 50 50 CD www-sonatype-com-3567 206 15 % % NN www-sonatype-com-3567 206 16 with with IN www-sonatype-com-3567 206 17 respect respect NN www-sonatype-com-3567 206 18 to to IN www-sonatype-com-3567 206 19 MTTU MTTU NNP www-sonatype-com-3567 206 20 , , , www-sonatype-com-3567 206 21 but but CC www-sonatype-com-3567 206 22 the the DT www-sonatype-com-3567 206 23 bottom bottom JJ www-sonatype-com-3567 206 24 20 20 CD www-sonatype-com-3567 206 25 % % NN www-sonatype-com-3567 206 26 with with IN www-sonatype-com-3567 206 27 respect respect NN www-sonatype-com-3567 206 28 to to IN www-sonatype-com-3567 206 29 stale stale JJ www-sonatype-com-3567 206 30 dependencies dependency NNS www-sonatype-com-3567 206 31 . . . 
www-sonatype-com-3567 207 1 Cautious cautious JJ www-sonatype-com-3567 207 2 teams team NNS www-sonatype-com-3567 207 3 release release VBP www-sonatype-com-3567 207 4 new new JJ www-sonatype-com-3567 207 5 versions version NNS www-sonatype-com-3567 207 6 about about IN www-sonatype-com-3567 207 7 every every DT www-sonatype-com-3567 207 8 two two CD www-sonatype-com-3567 207 9 months month NNS www-sonatype-com-3567 207 10 , , , www-sonatype-com-3567 207 11 which which WDT www-sonatype-com-3567 207 12 is be VBZ www-sonatype-com-3567 207 13 1.3x 1.3x CD www-sonatype-com-3567 207 14 more more RBR www-sonatype-com-3567 207 15 frequently frequently RB www-sonatype-com-3567 207 16 than than IN www-sonatype-com-3567 207 17 Exemplar Exemplar NNP www-sonatype-com-3567 207 18 teams team NNS www-sonatype-com-3567 207 19 , , , www-sonatype-com-3567 207 20 yet yet CC www-sonatype-com-3567 207 21 they -PRON- PRP www-sonatype-com-3567 207 22 were be VBD www-sonatype-com-3567 207 23 11x 11x CD www-sonatype-com-3567 207 24 slower slow JJR www-sonatype-com-3567 207 25 at at IN www-sonatype-com-3567 207 26 updating update VBG www-sonatype-com-3567 207 27 dependencies dependency NNS www-sonatype-com-3567 207 28 . . . 
www-sonatype-com-3567 208 1 By by IN www-sonatype-com-3567 208 2 comparison comparison NN www-sonatype-com-3567 208 3 , , , www-sonatype-com-3567 208 4 Cautious cautious JJ www-sonatype-com-3567 208 5 teams team NNS www-sonatype-com-3567 208 6 were be VBD www-sonatype-com-3567 208 7 27x 27x NNS www-sonatype-com-3567 208 8 faster fast RBR www-sonatype-com-3567 208 9 at at IN www-sonatype-com-3567 208 10 updating update VBG www-sonatype-com-3567 208 11 dependencies dependency NNS www-sonatype-com-3567 208 12 than than IN www-sonatype-com-3567 208 13 their -PRON- PRP$ www-sonatype-com-3567 208 14 Features feature NNS www-sonatype-com-3567 208 15 First First NNP www-sonatype-com-3567 208 16 Laggard Laggard NNP www-sonatype-com-3567 208 17 peers peer NNS www-sonatype-com-3567 208 18 . . . www-sonatype-com-3567 209 1 These these DT www-sonatype-com-3567 209 2 teams team NNS www-sonatype-com-3567 209 3 maintain maintain VBP www-sonatype-com-3567 209 4 better well JJR www-sonatype-com-3567 209 5 - - HYPH www-sonatype-com-3567 209 6 than than IN www-sonatype-com-3567 209 7 - - HYPH www-sonatype-com-3567 209 8 median median JJ www-sonatype-com-3567 209 9 update update NN www-sonatype-com-3567 209 10 cadence cadence NN www-sonatype-com-3567 209 11 , , , www-sonatype-com-3567 209 12 yet yet RB www-sonatype-com-3567 209 13 do do VBP www-sonatype-com-3567 209 14 not not RB www-sonatype-com-3567 209 15 immediately immediately RB www-sonatype-com-3567 209 16 adopt adopt VB www-sonatype-com-3567 209 17 new new JJ www-sonatype-com-3567 209 18 versions version NNS www-sonatype-com-3567 209 19 of of IN www-sonatype-com-3567 209 20 dependencies dependency NNS www-sonatype-com-3567 209 21 , , , www-sonatype-com-3567 209 22 choosing choose VBG www-sonatype-com-3567 209 23 instead instead RB www-sonatype-com-3567 209 24 to to TO www-sonatype-com-3567 209 25 wait wait VB www-sonatype-com-3567 209 26 a a DT www-sonatype-com-3567 209 27 few few JJ www-sonatype-com-3567 209 28 months month 
NNS www-sonatype-com-3567 209 29 before before IN www-sonatype-com-3567 209 30 moving move VBG www-sonatype-com-3567 209 31 to to IN www-sonatype-com-3567 209 32 a a DT www-sonatype-com-3567 209 33 new new JJ www-sonatype-com-3567 209 34 dependency dependency NN www-sonatype-com-3567 209 35 release release NN www-sonatype-com-3567 209 36 . . . www-sonatype-com-3567 210 1 This this DT www-sonatype-com-3567 210 2 group group NN www-sonatype-com-3567 210 3 represented represent VBD www-sonatype-com-3567 210 4 45 45 CD www-sonatype-com-3567 210 5 % % NN www-sonatype-com-3567 210 6 of of IN www-sonatype-com-3567 210 7 our -PRON- PRP$ www-sonatype-com-3567 210 8 dataset dataset NN www-sonatype-com-3567 210 9 falling fall VBG www-sonatype-com-3567 210 10 into into IN www-sonatype-com-3567 210 11 this this DT www-sonatype-com-3567 210 12 category category NN www-sonatype-com-3567 210 13 . . . www-sonatype-com-3567 211 1 Exemplary Exemplary NNP www-sonatype-com-3567 211 2 OSS OSS NNP www-sonatype-com-3567 211 3 Projects Projects NNPS www-sonatype-com-3567 211 4 Di Di NNP www-sonatype-com-3567 211 5 � � NNP www-sonatype-com-3567 211 6 erentiate erentiate VB www-sonatype-com-3567 211 7 Through through IN www-sonatype-com-3567 211 8 Seven Seven NNP www-sonatype-com-3567 211 9 Performance Performance NNP www-sonatype-com-3567 211 10 Metrics Metrics NNP www-sonatype-com-3567 211 11 140 140 CD www-sonatype-com-3567 211 12 % % NN www-sonatype-com-3567 211 13 larger large JJR www-sonatype-com-3567 211 14 development development NN www-sonatype-com-3567 211 15 teams team NNS www-sonatype-com-3567 211 16 1.5x 1.5x CD www-sonatype-com-3567 211 17 more more JJR www-sonatype-com-3567 211 18 frequent frequent JJ www-sonatype-com-3567 211 19 releases release NNS www-sonatype-com-3567 211 20 530x 530x NNS www-sonatype-com-3567 211 21 faster fast JJR www-sonatype-com-3567 211 22 MTTU mttu CD www-sonatype-com-3567 211 23 2.9x 2.9x CD www-sonatype-com-3567 211 24 fewer few JJR 
www-sonatype-com-3567 211 25 dependencies dependency NNS www-sonatype-com-3567 211 26 250 250 CD www-sonatype-com-3567 211 27 % % NN www-sonatype-com-3567 211 28 more more RBR www-sonatype-com-3567 211 29 popular popular JJ www-sonatype-com-3567 211 30 by by IN www-sonatype-com-3567 211 31 download download NN www-sonatype-com-3567 211 32 count count NN www-sonatype-com-3567 211 33 173x 173x CD www-sonatype-com-3567 211 34 less less RBR www-sonatype-com-3567 211 35 likely likely JJ www-sonatype-com-3567 211 36 to to TO www-sonatype-com-3567 211 37 have have VB www-sonatype-com-3567 211 38 at at RB www-sonatype-com-3567 211 39 least least RBS www-sonatype-com-3567 211 40 one one CD www-sonatype-com-3567 211 41 dependency dependency NN www-sonatype-com-3567 211 42 out out IN www-sonatype-com-3567 211 43 of of IN www-sonatype-com-3567 211 44 date date NN www-sonatype-com-3567 211 45 2.8x 2.8x CD www-sonatype-com-3567 211 46 more more JJR www-sonatype-com-3567 211 47 commits commit NNS www-sonatype-com-3567 211 48 FIGURE FIGURE NNP www-sonatype-com-3567 211 49 3B 3b NN www-sonatype-com-3567 211 50 Exemplary Exemplary NNP www-sonatype-com-3567 211 51 OSS OSS NNP www-sonatype-com-3567 211 52 Projects Projects NNPS www-sonatype-com-3567 211 53 Differentiate differentiate JJ www-sonatype-com-3567 211 54 Through through IN www-sonatype-com-3567 211 55 Seven seven CD www-sonatype-com-3567 211 56 Performance Performance NNP www-sonatype-com-3567 211 57 Metrics Metrics NNP www-sonatype-com-3567 211 58 However however RB www-sonatype-com-3567 211 59 small small JJ www-sonatype-com-3567 211 60 in in IN www-sonatype-com-3567 211 61 team team NN www-sonatype-com-3567 211 62 size size NN www-sonatype-com-3567 211 63 , , , www-sonatype-com-3567 211 64 Small Small NNP www-sonatype-com-3567 211 65 Exemplars Exemplars NNP www-sonatype-com-3567 211 66 still still RB www-sonatype-com-3567 211 67 update update VBP www-sonatype-com-3567 211 68 dependencies dependency NNS 
www-sonatype-com-3567 211 69 475x 475x NNS www-sonatype-com-3567 211 70 faster fast RBR www-sonatype-com-3567 211 71 than than IN www-sonatype-com-3567 211 72 the the DT www-sonatype-com-3567 211 73 rest rest NN www-sonatype-com-3567 211 74 of of IN www-sonatype-com-3567 211 75 the the DT www-sonatype-com-3567 211 76 population population NN www-sonatype-com-3567 211 77 . . . 
www-sonatype-com-3567 212 53 Projects project NNS www-sonatype-com-3567 212 54 with with IN www-sonatype-com-3567 212 55 Updated updated JJ www-sonatype-com-3567 212 56 Dependencies dependency NNS www-sonatype-com-3567 212 57 Are be VBP www-sonatype-com-3567 212 58 More more RBR www-sonatype-com-3567 212 59 Secure secure JJ www-sonatype-com-3567 212 60 The the DT www-sonatype-com-3567 212 61 adoption adoption NN www-sonatype-com-3567 212 62 curve curve NN www-sonatype-com-3567 212 63 for for IN www-sonatype-com-3567 212 64 upgrading upgrade VBG www-sonatype-com-3567 212 65 dependencies dependency NNS www-sonatype-com-3567 212 66 and and CC www-sonatype-com-3567 212 67 remediating remediating NN www-sonatype-com-3567 212 68 vulnerabilities vulnerability NNS www-sonatype-com-3567 212 69 are be VBP www-sonatype-com-3567 212 70 similar similar JJ www-sonatype-com-3567 212 71 , , , www-sonatype-com-3567 212 72 as as IN www-sonatype-com-3567 212 73 shown show VBN www-sonatype-com-3567 212 74 in in IN www-sonatype-com-3567 212 75 FIGURE FIGURE NNP www-sonatype-com-3567 212 76 3C. 3c. 
NN www-sonatype-com-3567 213 1 When when WRB www-sonatype-com-3567 213 2 comparing compare VBG www-sonatype-com-3567 213 3 MTTR MTTR NNP www-sonatype-com-3567 213 4 with with IN www-sonatype-com-3567 213 5 MTTU MTTU NNP www-sonatype-com-3567 213 6 for for IN www-sonatype-com-3567 213 7 non non JJ www-sonatype-com-3567 213 8 - - JJ www-sonatype-com-3567 213 9 security security JJ www-sonatype-com-3567 213 10 - - HYPH www-sonatype-com-3567 213 11 relevant relevant JJ www-sonatype-com-3567 213 12 updates update NNS www-sonatype-com-3567 213 13 on on IN www-sonatype-com-3567 213 14 a a DT www-sonatype-com-3567 213 15 per per IN www-sonatype-com-3567 213 16 - - HYPH www-sonatype-com-3567 213 17 component component NN www-sonatype-com-3567 213 18 basis basis NN www-sonatype-com-3567 213 19 , , , www-sonatype-com-3567 213 20 we -PRON- PRP www-sonatype-com-3567 213 21 see see VBP www-sonatype-com-3567 213 22 a a DT www-sonatype-com-3567 213 23 correlation correlation NN www-sonatype-com-3567 213 24 between between IN www-sonatype-com-3567 213 25 update update NN www-sonatype-com-3567 213 26 behavior behavior NN www-sonatype-com-3567 213 27 for for IN www-sonatype-com-3567 213 28 security security NN www-sonatype-com-3567 213 29 relevant relevant JJ www-sonatype-com-3567 213 30 updates update NNS www-sonatype-com-3567 213 31 ( ( -LRB- www-sonatype-com-3567 213 32 MTTR MTTR NNP www-sonatype-com-3567 213 33 ) ) -RRB- www-sonatype-com-3567 213 34 and and CC www-sonatype-com-3567 213 35 non non JJ www-sonatype-com-3567 213 36 - - JJ www-sonatype-com-3567 213 37 security security JJ www-sonatype-com-3567 213 38 - - HYPH www-sonatype-com-3567 213 39 relevant relevant JJ www-sonatype-com-3567 213 40 updates update NNS www-sonatype-com-3567 213 41 . . . 
www-sonatype-com-3567 214 1 As as IN www-sonatype-com-3567 214 2 we -PRON- PRP www-sonatype-com-3567 214 3 discovered discover VBD www-sonatype-com-3567 214 4 in in IN www-sonatype-com-3567 214 5 our -PRON- PRP$ www-sonatype-com-3567 214 6 2019 2019 CD www-sonatype-com-3567 214 7 report report NN www-sonatype-com-3567 214 8 , , , www-sonatype-com-3567 214 9 developers developer NNS www-sonatype-com-3567 214 10 stay- stay- VBP www-sonatype-com-3567 214 11 ing ing NNP www-sonatype-com-3567 214 12 up up RP www-sonatype-com-3567 214 13 to to IN www-sonatype-com-3567 214 14 date date NN www-sonatype-com-3567 214 15 on on IN www-sonatype-com-3567 214 16 dependencies dependency NNS www-sonatype-com-3567 214 17 will will MD www-sonatype-com-3567 214 18 generally generally RB www-sonatype-com-3567 214 19 stay stay VB www-sonatype-com-3567 214 20 up up RP www-sonatype-com-3567 214 21 to to IN www-sonatype-com-3567 214 22 date date NN www-sonatype-com-3567 214 23 on on IN www-sonatype-com-3567 214 24 security security NN www-sonatype-com-3567 214 25 updates update NNS www-sonatype-com-3567 214 26 , , , www-sonatype-com-3567 214 27 because because IN www-sonatype-com-3567 214 28 security security NN www-sonatype-com-3567 214 29 updates update NNS www-sonatype-com-3567 214 30 are be VBP www-sonatype-com-3567 214 31 a a DT www-sonatype-com-3567 214 32 subset subset NN www-sonatype-com-3567 214 33 of of IN www-sonatype-com-3567 214 34 general general JJ www-sonatype-com-3567 214 35 updates update NNS www-sonatype-com-3567 214 36 . . . 
www-sonatype-com-3567 215 1 We -PRON- PRP www-sonatype-com-3567 215 2 observed observe VBD www-sonatype-com-3567 215 3 that that IN www-sonatype-com-3567 215 4 many many JJ www-sonatype-com-3567 215 5 teams team NNS www-sonatype-com-3567 215 6 follow follow VBP www-sonatype-com-3567 215 7 this this DT www-sonatype-com-3567 215 8 practice practice NN www-sonatype-com-3567 215 9 , , , www-sonatype-com-3567 215 10 exhibiting exhibit VBG www-sonatype-com-3567 215 11 very very RB www-sonatype-com-3567 215 12 similar similar JJ www-sonatype-com-3567 215 13 median median JJ www-sonatype-com-3567 215 14 times time NNS www-sonatype-com-3567 215 15 to to TO www-sonatype-com-3567 215 16 remediate remediate VB www-sonatype-com-3567 215 17 ( ( -LRB- www-sonatype-com-3567 215 18 MTTR MTTR NNP www-sonatype-com-3567 215 19 ) ) -RRB- www-sonatype-com-3567 215 20 and and CC www-sonatype-com-3567 215 21 mean mean VB www-sonatype-com-3567 215 22 time time NN www-sonatype-com-3567 215 23 to to TO www-sonatype-com-3567 215 24 update update VB www-sonatype-com-3567 215 25 ( ( -LRB- www-sonatype-com-3567 215 26 MTTU MTTU NNS www-sonatype-com-3567 215 27 ) ) -RRB- www-sonatype-com-3567 215 28 values value NNS www-sonatype-com-3567 215 29 . . . 
www-sonatype-com-3567 216 1 Large large JJ www-sonatype-com-3567 216 2 and and CC www-sonatype-com-3567 216 3 small small JJ www-sonatype-com-3567 216 4 exemplars exemplar NNS www-sonatype-com-3567 216 5 will will MD www-sonatype-com-3567 216 6 generally generally RB www-sonatype-com-3567 216 7 achieve achieve VB www-sonatype-com-3567 216 8 better well JJR www-sonatype-com-3567 216 9 security security NN www-sonatype-com-3567 216 10 outcomes outcome NNS www-sonatype-com-3567 216 11 because because IN www-sonatype-com-3567 216 12 of of IN www-sonatype-com-3567 216 13 their -PRON- PRP$ www-sonatype-com-3567 216 14 strong strong JJ www-sonatype-com-3567 216 15 MTTU MTTU NNP www-sonatype-com-3567 216 16 performance performance NN www-sonatype-com-3567 216 17 ( ( -LRB- www-sonatype-com-3567 216 18 SEE see VB www-sonatype-com-3567 216 19 FIGURE FIGURE NNP www-sonatype-com-3567 216 20 3C 3c NN www-sonatype-com-3567 216 21 ) ) -RRB- www-sonatype-com-3567 216 22 . . . www-sonatype-com-3567 217 1 To to TO www-sonatype-com-3567 217 2 adopt adopt VB www-sonatype-com-3567 217 3 this this DT www-sonatype-com-3567 217 4 practice practice NN www-sonatype-com-3567 217 5 , , , www-sonatype-com-3567 217 6 security security NN www-sonatype-com-3567 217 7 managers manager NNS www-sonatype-com-3567 217 8 should should MD www-sonatype-com-3567 217 9 encourage encourage VB www-sonatype-com-3567 217 10 component component NN www-sonatype-com-3567 217 11 and and CC www-sonatype-com-3567 217 12 dependency dependency NN www-sonatype-com-3567 217 13 updating updating NN www-sonatype-com-3567 217 14 practices practice NNS www-sonatype-com-3567 217 15 by by IN www-sonatype-com-3567 217 16 partnering partner VBG www-sonatype-com-3567 217 17 with with IN www-sonatype-com-3567 217 18 their -PRON- PRP$ www-sonatype-com-3567 217 19 development development NN www-sonatype-com-3567 217 20 counterparts counterpart NNS www-sonatype-com-3567 217 21 . . . 
www-sonatype-com-3567 218 1 TTU TTU NNP www-sonatype-com-3567 218 2 Cumulative Cumulative NNP www-sonatype-com-3567 218 3 TTR TTR NNP www-sonatype-com-3567 218 4 Cumulative Cumulative NNP www-sonatype-com-3567 218 5 Days day NNS www-sonatype-com-3567 218 6 to to TO www-sonatype-com-3567 218 7 Update update VB www-sonatype-com-3567 218 8 Time time NN www-sonatype-com-3567 218 9 to to IN www-sonatype-com-3567 218 10 Remediate Remediate NNP www-sonatype-com-3567 218 11 ( ( -LRB- www-sonatype-com-3567 218 12 TTR TTR NNP www-sonatype-com-3567 218 13 ) ) -RRB- www-sonatype-com-3567 218 14 vs. vs. IN www-sonatype-com-3567 218 15 Time Time NNP www-sonatype-com-3567 218 16 to to IN www-sonatype-com-3567 218 17 Update Update NNP www-sonatype-com-3567 218 18 ( ( -LRB- www-sonatype-com-3567 218 19 TTU TTU NNP www-sonatype-com-3567 218 20 ) ) -RRB- www-sonatype-com-3567 218 21 ( ( -LRB- www-sonatype-com-3567 218 22 cumulative cumulative JJ www-sonatype-com-3567 218 23 percentage percentage NN www-sonatype-com-3567 218 24 ) ) -RRB- www-sonatype-com-3567 218 25 SOURCE SOURCE NNP www-sonatype-com-3567 218 26 : : : www-sonatype-com-3567 218 27 2019 2019 CD www-sonatype-com-3567 218 28 STATE STATE NNP www-sonatype-com-3567 218 29 OF of IN www-sonatype-com-3567 218 30 THE the DT www-sonatype-com-3567 218 31 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 218 32 SUPPLY supply NN www-sonatype-com-3567 218 33 CHAIN CHAIN NNP www-sonatype-com-3567 218 34 REPORT REPORT NNP www-sonatype-com-3567 218 35 TTU TTU NNP www-sonatype-com-3567 218 36 median median NN www-sonatype-com-3567 218 37 : : : www-sonatype-com-3567 218 38 130 130 CD www-sonatype-com-3567 218 39 days day NNS www-sonatype-com-3567 218 40 TTR TTR NNP www-sonatype-com-3567 218 41 median median NN www-sonatype-com-3567 218 42 : : : www-sonatype-com-3567 218 43 180 180 CD www-sonatype-com-3567 218 44 days day NNS www-sonatype-com-3567 218 45 TTU TTU NNP www-sonatype-com-3567 218 46 mean mean NN www-sonatype-com-3567 218 47 : : : 
www-sonatype-com-3567 218 48 199 199 CD www-sonatype-com-3567 218 49 days day NNS www-sonatype-com-3567 218 50 FASTER FASTER NNP www-sonatype-com-3567 218 51 SLOWER SLOWER NNP www-sonatype-com-3567 218 52 TTR TTR NNP www-sonatype-com-3567 218 53 mean mean NN www-sonatype-com-3567 218 54 : : : www-sonatype-com-3567 218 55 326 326 CD www-sonatype-com-3567 218 56 days day NNS www-sonatype-com-3567 218 57 10 10 CD www-sonatype-com-3567 218 58 % % NN www-sonatype-com-3567 218 59 20 20 CD www-sonatype-com-3567 218 60 % % NN www-sonatype-com-3567 218 61 30 30 CD www-sonatype-com-3567 218 62 % % NN www-sonatype-com-3567 218 63 40 40 CD www-sonatype-com-3567 218 64 % % NN www-sonatype-com-3567 218 65 50 50 CD www-sonatype-com-3567 218 66 % % NN www-sonatype-com-3567 218 67 60 60 CD www-sonatype-com-3567 218 68 % % NN www-sonatype-com-3567 218 69 70 70 CD www-sonatype-com-3567 218 70 % % NN www-sonatype-com-3567 218 71 80 80 CD www-sonatype-com-3567 218 72 % % NN www-sonatype-com-3567 218 73 90 90 CD www-sonatype-com-3567 218 74 % % NN www-sonatype-com-3567 218 75 100 100 CD www-sonatype-com-3567 218 76 % % NN www-sonatype-com-3567 218 77 P p NN www-sonatype-com-3567 218 78 e e NN www-sonatype-com-3567 218 79 rc rc NN www-sonatype-com-3567 218 80 e e NNP www-sonatype-com-3567 218 81 n n NNP www-sonatype-com-3567 218 82 ta ta NNP www-sonatype-com-3567 218 83 g g NNP www-sonatype-com-3567 218 84 e e NNP www-sonatype-com-3567 218 85 o o XX www-sonatype-com-3567 218 86 f f NN www-sonatype-com-3567 218 87 P p NN www-sonatype-com-3567 218 88 o o NN www-sonatype-com-3567 218 89 p p NN www-sonatype-com-3567 218 90 u u NN www-sonatype-com-3567 218 91 la la NNP www-sonatype-com-3567 218 92 ti ti NNP www-sonatype-com-3567 218 93 o o NN www-sonatype-com-3567 218 94 n n NN www-sonatype-com-3567 218 95 FIGURE FIGURE NNP www-sonatype-com-3567 218 96 3C 3c NN www-sonatype-com-3567 218 97 Time time NN www-sonatype-com-3567 218 98 to to IN www-sonatype-com-3567 218 99 Remediate Remediate NNP 
www-sonatype-com-3567 218 100 ( ( -LRB- www-sonatype-com-3567 218 101 TTR TTR NNP www-sonatype-com-3567 218 102 ) ) -RRB- www-sonatype-com-3567 218 103 vs. vs. IN www-sonatype-com-3567 218 104 Time Time NNP www-sonatype-com-3567 218 105 to to IN www-sonatype-com-3567 218 106 Update Update NNP www-sonatype-com-3567 218 107 ( ( -LRB- www-sonatype-com-3567 218 108 TTU TTU NNP www-sonatype-com-3567 218 109 ) ) -RRB- www-sonatype-com-3567 218 110 ( ( -LRB- www-sonatype-com-3567 218 111 cumulative cumulative JJ www-sonatype-com-3567 218 112 percentage percentage NN www-sonatype-com-3567 218 113 ) ) -RRB- www-sonatype-com-3567 218 114 Teams team NNS www-sonatype-com-3567 218 115 should should MD www-sonatype-com-3567 218 116 aim aim VB www-sonatype-com-3567 218 117 for for IN www-sonatype-com-3567 218 118 a a DT www-sonatype-com-3567 218 119 minimum minimum NN www-sonatype-com-3567 218 120 of of IN www-sonatype-com-3567 218 121 four four CD www-sonatype-com-3567 218 122 releases release NNS www-sonatype-com-3567 218 123 annually annually RB www-sonatype-com-3567 218 124 and and CC www-sonatype-com-3567 218 125 aim aim VBP www-sonatype-com-3567 218 126 to to TO www-sonatype-com-3567 218 127 upgrade upgrade VB www-sonatype-com-3567 218 128 at at RB www-sonatype-com-3567 218 129 least least RBS www-sonatype-com-3567 218 130 80 80 CD www-sonatype-com-3567 218 131 % % NN www-sonatype-com-3567 218 132 of of IN www-sonatype-com-3567 218 133 their -PRON- PRP$ www-sonatype-com-3567 218 134 dependencies dependency NNS www-sonatype-com-3567 218 135 with with IN www-sonatype-com-3567 218 136 every every DT www-sonatype-com-3567 218 137 release release NN www-sonatype-com-3567 218 138 . . . 
www-sonatype-com-3567 219 53 Guidance guidance NN
www-sonatype-com-3567 219 54 for for IN www-sonatype-com-3567 219 55 Open Open NNP www-sonatype-com-3567 219 56 Source Source NNP www-sonatype-com-3567 219 57 Project Project NNP www-sonatype-com-3567 219 58 Owners Owners NNPS www-sonatype-com-3567 219 59 and and CC www-sonatype-com-3567 219 60 Contributors Contributors NNPS www-sonatype-com-3567 219 61 Given give VBN www-sonatype-com-3567 219 62 its -PRON- PRP$ www-sonatype-com-3567 219 63 association association NN www-sonatype-com-3567 219 64 with with IN www-sonatype-com-3567 219 65 good good JJ www-sonatype-com-3567 219 66 security security NN www-sonatype-com-3567 219 67 practices practice NNS www-sonatype-com-3567 219 68 and and CC www-sonatype-com-3567 219 69 outcomes outcome NNS www-sonatype-com-3567 219 70 , , , www-sonatype-com-3567 219 71 we -PRON- PRP www-sonatype-com-3567 219 72 recommend recommend VBP www-sonatype-com-3567 219 73 a a DT www-sonatype-com-3567 219 74 focus focus NN www-sonatype-com-3567 219 75 on on IN www-sonatype-com-3567 219 76 accelerating accelerate VBG www-sonatype-com-3567 219 78 and and CC www-sonatype-com-3567 219 79 maintaining maintain VBG www-sonatype-com-3567 219 80 rapid rapid JJ www-sonatype-com-3567 219 81 MTTU MTTU NNS www-sonatype-com-3567 219 82 . . . www-sonatype-com-3567 220 1 In in IN www-sonatype-com-3567 220 2 addition addition NN www-sonatype-com-3567 220 3 to to IN www-sonatype-com-3567 220 4 investing invest VBG www-sonatype-com-3567 220 5 development development NN www-sonatype-com-3567 220 6 effort effort NN www-sonatype-com-3567 220 7 on on IN www-sonatype-com-3567 220 8 new new JJ www-sonatype-com-3567 220 9 features feature NNS www-sonatype-com-3567 220 10 , , , www-sonatype-com-3567 220 11 bug bug NN www-sonatype-com-3567 220 12 fixes fix NNS www-sonatype-com-3567 220 13 , , , www-sonatype-com-3567 220 14 etc etc FW www-sonatype-com-3567 220 15 . .
FW www-sonatype-com-3567 220 16 , , , www-sonatype-com-3567 220 17 projects project NNS www-sonatype-com-3567 220 18 should should MD www-sonatype-com-3567 220 19 commit commit VB www-sonatype-com-3567 220 20 similar similar JJ www-sonatype-com-3567 220 21 resources resource NNS www-sonatype-com-3567 220 22 to to IN www-sonatype-com-3567 220 23 dependency dependency NN www-sonatype-com-3567 220 24 management management NN www-sonatype-com-3567 220 25 . . . www-sonatype-com-3567 221 1 This this DT www-sonatype-com-3567 221 2 means mean VBZ www-sonatype-com-3567 221 3 that that IN www-sonatype-com-3567 221 4 developers developer NNS www-sonatype-com-3567 221 5 maintaining maintain VBG www-sonatype-com-3567 221 6 OSS oss NN www-sonatype-com-3567 221 7 projects project NNS www-sonatype-com-3567 221 8 who who WP www-sonatype-com-3567 221 9 are be VBP www-sonatype-com-3567 221 10 considering consider VBG www-sonatype-com-3567 221 11 adding add VBG www-sonatype-com-3567 221 12 a a DT www-sonatype-com-3567 221 13 new new JJ www-sonatype-com-3567 221 14 dependency dependency NN www-sonatype-com-3567 221 15 , , , www-sonatype-com-3567 221 16 and and CC www-sonatype-com-3567 221 17 looking look VBG www-sonatype-com-3567 221 18 for for IN www-sonatype-com-3567 221 19 a a DT www-sonatype-com-3567 221 20 metric metric NN www-sonatype-com-3567 221 21 to to TO www-sonatype-com-3567 221 22 guide guide VB www-sonatype-com-3567 221 23 that that DT www-sonatype-com-3567 221 24 choice choice NN www-sonatype-com-3567 221 25 , , , www-sonatype-com-3567 221 26 would would MD www-sonatype-com-3567 221 27 be be VB www-sonatype-com-3567 221 28 wise wise JJ www-sonatype-com-3567 221 29 to to TO www-sonatype-com-3567 221 30 select select VB www-sonatype-com-3567 221 31 dependencies dependency NNS www-sonatype-com-3567 221 32 with with IN www-sonatype-com-3567 221 33 fast fast JJ www-sonatype-com-3567 221 34 MTTU MTTU NNP www-sonatype-com-3567 221 35 because because IN www-sonatype-com-3567 221 
36 such such JJ www-sonatype-com-3567 221 37 components component NNS www-sonatype-com-3567 221 38 naturally naturally RB www-sonatype-com-3567 221 39 exhibit exhibit VBP www-sonatype-com-3567 221 40 better well JJR www-sonatype-com-3567 221 41 security security NN www-sonatype-com-3567 221 42 hygiene hygiene NN www-sonatype-com-3567 221 43 . . . www-sonatype-com-3567 222 1 To to TO www-sonatype-com-3567 222 2 progress progress VB www-sonatype-com-3567 222 3 comfortably comfortably RB www-sonatype-com-3567 222 4 into into IN www-sonatype-com-3567 222 5 the the DT www-sonatype-com-3567 222 6 status status NN www-sonatype-com-3567 222 7 of of IN www-sonatype-com-3567 222 8 Exemplar Exemplar NNP www-sonatype-com-3567 222 9 ( ( -LRB- www-sonatype-com-3567 222 10 top top JJ www-sonatype-com-3567 222 11 80 80 CD www-sonatype-com-3567 222 12 % % NN www-sonatype-com-3567 222 13 of of IN www-sonatype-com-3567 222 14 Exemplars Exemplars NNP www-sonatype-com-3567 222 15 ) ) -RRB- www-sonatype-com-3567 222 16 , , , www-sonatype-com-3567 222 17 teams team NNS www-sonatype-com-3567 222 18 should should MD www-sonatype-com-3567 222 19 aim aim VB www-sonatype-com-3567 222 20 for for IN www-sonatype-com-3567 222 21 a a DT www-sonatype-com-3567 222 22 minimum minimum NN www-sonatype-com-3567 222 23 of of IN www-sonatype-com-3567 222 24 four four CD www-sonatype-com-3567 222 25 releases release NNS www-sonatype-com-3567 222 26 annually annually RB www-sonatype-com-3567 222 27 and and CC www-sonatype-com-3567 222 28 aim aim VBP www-sonatype-com-3567 222 29 to to TO www-sonatype-com-3567 222 30 upgrade upgrade VB www-sonatype-com-3567 222 31 at at RB www-sonatype-com-3567 222 32 least least RBS www-sonatype-com-3567 222 33 80 80 CD www-sonatype-com-3567 222 34 % % NN www-sonatype-com-3567 222 35 of of IN www-sonatype-com-3567 222 36 their -PRON- PRP$ www-sonatype-com-3567 222 37 dependencies dependency NNS www-sonatype-com-3567 222 39 with with IN
www-sonatype-com-3567 222 40 every every DT www-sonatype-com-3567 222 41 release release NN www-sonatype-com-3567 222 42 . . . www-sonatype-com-3567 223 1 A a DT www-sonatype-com-3567 223 2 higher high JJR www-sonatype-com-3567 223 3 frequency frequency NN www-sonatype-com-3567 223 4 of of IN www-sonatype-com-3567 223 5 dependency dependency NN www-sonatype-com-3567 223 6 updates update NNS www-sonatype-com-3567 223 7 statistically statistically RB www-sonatype-com-3567 223 8 results result VBZ www-sonatype-com-3567 223 9 in in IN www-sonatype-com-3567 223 10 higher high JJR www-sonatype-com-3567 223 11 quality quality NN www-sonatype-com-3567 223 12 and and CC www-sonatype-com-3567 223 13 more more RBR www-sonatype-com-3567 223 14 secure secure JJ www-sonatype-com-3567 223 15 code code NN www-sonatype-com-3567 223 16 . . . www-sonatype-com-3567 224 1 Guidance guidance NN www-sonatype-com-3567 224 2 for for IN www-sonatype-com-3567 224 3 Enterprise Enterprise NNP www-sonatype-com-3567 224 4 Development Development NNP www-sonatype-com-3567 224 5 Teams Teams NNPS www-sonatype-com-3567 224 6 Enterprise enterprise NN www-sonatype-com-3567 224 7 development development NN www-sonatype-com-3567 224 8 teams team NNS www-sonatype-com-3567 224 9 working work VBG www-sonatype-com-3567 224 10 with with IN www-sonatype-com-3567 224 11 software software NN www-sonatype-com-3567 224 12 supply supply NN www-sonatype-com-3567 224 13 chains chain NNS www-sonatype-com-3567 224 14 often often RB www-sonatype-com-3567 224 15 rely rely VBP www-sonatype-com-3567 224 16 on on IN www-sonatype-com-3567 224 17 an an DT www-sonatype-com-3567 224 18 unchecked unchecked JJ www-sonatype-com-3567 224 19 variety variety NN www-sonatype-com-3567 224 20 of of IN www-sonatype-com-3567 224 21 supply supply NN www-sonatype-com-3567 224 22 from from IN www-sonatype-com-3567 224 23 OSS oss NN www-sonatype-com-3567 224 24 projects project NNS www-sonatype-com-3567 224 25 where where WRB 
www-sonatype-com-3567 224 26 each each DT www-sonatype-com-3567 224 27 developer developer NN www-sonatype-com-3567 224 28 or or CC www-sonatype-com-3567 224 29 development development NN www-sonatype-com-3567 224 30 team team NN www-sonatype-com-3567 224 31 can can MD www-sonatype-com-3567 224 32 make make VB www-sonatype-com-3567 224 33 their -PRON- PRP$ www-sonatype-com-3567 224 34 own own JJ www-sonatype-com-3567 224 35 sourcing sourcing NN www-sonatype-com-3567 224 36 and and CC www-sonatype-com-3567 224 37 procurement procurement NN www-sonatype-com-3567 224 38 decisions decision NNS www-sonatype-com-3567 224 39 . . . www-sonatype-com-3567 225 1 The the DT www-sonatype-com-3567 225 2 effort effort NN www-sonatype-com-3567 225 3 of of IN www-sonatype-com-3567 225 4 managing manage VBG www-sonatype-com-3567 225 5 3,552 3,552 CD www-sonatype-com-3567 225 6 different different JJ www-sonatype-com-3567 225 7 projects project NNS www-sonatype-com-3567 225 8 and and CC www-sonatype-com-3567 225 9 11,294 11,294 CD www-sonatype-com-3567 225 10 unique unique JJ www-sonatype-com-3567 225 11 releases release NNS www-sonatype-com-3567 225 12 ( ( -LRB- www-sonatype-com-3567 225 13 see see VB www-sonatype-com-3567 225 14 Chapter chapter NN www-sonatype-com-3567 225 15 5 5 CD www-sonatype-com-3567 225 16 ) ) -RRB- www-sonatype-com-3567 225 17 can can MD www-sonatype-com-3567 225 18 introduce introduce VB www-sonatype-com-3567 225 19 significant significant JJ www-sonatype-com-3567 225 20 drag drag NN www-sonatype-com-3567 225 21 on on IN www-sonatype-com-3567 225 22 development development NN www-sonatype-com-3567 225 23 and and CC www-sonatype-com-3567 225 24 is be VBZ www-sonatype-com-3567 225 25 contrary contrary JJ www-sonatype-com-3567 225 26 to to IN www-sonatype-com-3567 225 27 an an DT www-sonatype-com-3567 225 28 enterprise enterprise NN www-sonatype-com-3567 225 30 ’s ’s POS www-sonatype-com-3567 225 31 need need VB
www-sonatype-com-3567 225 32 to to TO www-sonatype-com-3567 225 33 develop develop VB www-sonatype-com-3567 225 34 faster fast RBR www-sonatype-com-3567 225 35 as as IN www-sonatype-com-3567 225 36 part part NN www-sonatype-com-3567 225 37 of of IN www-sonatype-com-3567 225 38 any any DT www-sonatype-com-3567 225 39 agile agile JJ www-sonatype-com-3567 225 40 , , , www-sonatype-com-3567 225 41 continuous continuous JJ www-sonatype-com-3567 225 42 delivery delivery NN www-sonatype-com-3567 225 43 or or CC www-sonatype-com-3567 225 44 DevOps DevOps NNP www-sonatype-com-3567 225 45 practice practice NN www-sonatype-com-3567 225 46 . . . www-sonatype-com-3567 226 1 Choosing choose VBG www-sonatype-com-3567 226 2 open open JJ www-sonatype-com-3567 226 3 source source NN www-sonatype-com-3567 226 4 projects project NNS www-sonatype-com-3567 226 5 should should MD www-sonatype-com-3567 226 6 be be VB www-sonatype-com-3567 226 7 considered consider VBN www-sonatype-com-3567 226 8 an an DT www-sonatype-com-3567 226 9 important important JJ www-sonatype-com-3567 226 10 strategic strategic JJ www-sonatype-com-3567 226 11 decision decision NN www-sonatype-com-3567 226 12 for for IN www-sonatype-com-3567 226 13 enterprise enterprise NN www-sonatype-com-3567 226 14 software software NN www-sonatype-com-3567 226 15 development development NN www-sonatype-com-3567 226 16 organizations organization NNS www-sonatype-com-3567 226 17 . . . 
www-sonatype-com-3567 227 1 Different different JJ www-sonatype-com-3567 227 2 components component NNS www-sonatype-com-3567 227 3 demonstrate demonstrate VBP www-sonatype-com-3567 227 4 healthy healthy JJ www-sonatype-com-3567 227 5 or or CC www-sonatype-com-3567 227 6 poor poor JJ www-sonatype-com-3567 227 7 performance performance NN www-sonatype-com-3567 227 8 that that WDT www-sonatype-com-3567 227 9 impacts impact VBZ www-sonatype-com-3567 227 10 the the DT www-sonatype-com-3567 227 11 overall overall JJ www-sonatype-com-3567 227 12 quality quality NN www-sonatype-com-3567 227 13 of of IN www-sonatype-com-3567 227 14 their -PRON- PRP$ www-sonatype-com-3567 227 15 releases release NNS www-sonatype-com-3567 227 16 . . . www-sonatype-com-3567 228 1 Therefore therefore RB www-sonatype-com-3567 228 2 , , , www-sonatype-com-3567 228 3 MTTU MTTU NNS www-sonatype-com-3567 228 4 should should MD www-sonatype-com-3567 228 5 be be VB www-sonatype-com-3567 228 6 an an DT www-sonatype-com-3567 228 7 important important JJ www-sonatype-com-3567 228 8 metric metric NN www-sonatype-com-3567 228 9 when when WRB www-sonatype-com-3567 228 10 deciding decide VBG www-sonatype-com-3567 228 11 which which WDT www-sonatype-com-3567 228 12 components component VBZ www-sonatype-com-3567 228 13 to to TO www-sonatype-com-3567 228 14 utilize utilize VB www-sonatype-com-3567 228 15 within within IN www-sonatype-com-3567 228 16 your -PRON- PRP$ www-sonatype-com-3567 228 17 software software NN www-sonatype-com-3567 228 18 supply supply NN www-sonatype-com-3567 228 19 chains chain NNS www-sonatype-com-3567 228 20 . . . 
www-sonatype-com-3567 229 1 Rapid Rapid NNP www-sonatype-com-3567 229 2 MTTU MTTU NNP www-sonatype-com-3567 229 3 is be VBZ www-sonatype-com-3567 229 4 associated associate VBN www-sonatype-com-3567 229 5 with with IN www-sonatype-com-3567 229 6 lower low JJR www-sonatype-com-3567 229 7 security security NN www-sonatype-com-3567 229 8 risk risk NN www-sonatype-com-3567 229 9 and and CC www-sonatype-com-3567 229 10 is be VBZ www-sonatype-com-3567 229 11 accessible accessible JJ www-sonatype-com-3567 229 12 from from IN www-sonatype-com-3567 229 13 public public JJ www-sonatype-com-3567 229 14 sources source NNS www-sonatype-com-3567 229 15 . . . www-sonatype-com-3567 230 1 Just just RB www-sonatype-com-3567 230 2 as as IN www-sonatype-com-3567 230 3 traditional traditional JJ www-sonatype-com-3567 230 4 manufacturing manufacture VBG www-sonatype-com-3567 230 5 supply supply NN www-sonatype-com-3567 230 6 chains chain NNS www-sonatype-com-3567 230 7 intentionally intentionally RB www-sonatype-com-3567 230 8 select select VBP www-sonatype-com-3567 230 9 parts part NNS www-sonatype-com-3567 230 10 from from IN www-sonatype-com-3567 230 11 approved approve VBN www-sonatype-com-3567 230 12 suppliers supplier NNS www-sonatype-com-3567 230 13 and and CC www-sonatype-com-3567 230 14 rely rely VB www-sonatype-com-3567 230 15 upon upon IN www-sonatype-com-3567 230 16 formalized formalize VBN www-sonatype-com-3567 230 17 procurement procurement NN www-sonatype-com-3567 230 18 practices practice NNS www-sonatype-com-3567 230 19 — — : www-sonatype-com-3567 230 20 enterprise enterprise NN www-sonatype-com-3567 230 21 development development NN www-sonatype-com-3567 230 22 teams team NNS www-sonatype-com-3567 230 23 should should MD www-sonatype-com-3567 230 24 adopt adopt VB www-sonatype-com-3567 230 25 similar similar JJ www-sonatype-com-3567 230 26 criteria criterion NNS www-sonatype-com-3567 230 27 for for IN www-sonatype-com-3567 230 28 their -PRON- PRP$ www-sonatype-com-3567 
230 29 selection selection NN www-sonatype-com-3567 230 30 of of IN www-sonatype-com-3567 230 31 OSS oss NN www-sonatype-com-3567 230 32 components component NNS www-sonatype-com-3567 230 34 . . . www-sonatype-com-3567 231 1 This this DT www-sonatype-com-3567 231 2 practice practice NN www-sonatype-com-3567 231 3 ensures ensure VBZ www-sonatype-com-3567 231 4 the the DT www-sonatype-com-3567 231 5 highest high JJS www-sonatype-com-3567 231 6 quality quality NN www-sonatype-com-3567 231 7 parts part NNS www-sonatype-com-3567 231 8 are be VBP www-sonatype-com-3567 231 9 selected select VBN www-sonatype-com-3567 231 10 from from IN www-sonatype-com-3567 231 11 the the DT www-sonatype-com-3567 231 12 best good JJS www-sonatype-com-3567 231 13 and and CC www-sonatype-com-3567 231 14 fewest few JJS www-sonatype-com-3567 231 15 suppliers supplier NNS www-sonatype-com-3567 231 16 — — : www-sonatype-com-3567 231 17 a a DT www-sonatype-com-3567 231 18 practice practice NN www-sonatype-com-3567 231 19 Deming Deming NNP www-sonatype-com-3567 231 20 recommended recommend VBD www-sonatype-com-3567 231 21 for for IN www-sonatype-com-3567 231 22 decades decade NNS www-sonatype-com-3567 231 23 . . .
www-sonatype-com-3567 232 1 Implementing implement VBG www-sonatype-com-3567 232 2 selection selection NN www-sonatype-com-3567 232 3 criteria criterion NNS www-sonatype-com-3567 232 4 and and CC www-sonatype-com-3567 232 5 update update NN www-sonatype-com-3567 232 6 practices practice NNS www-sonatype-com-3567 232 7 will will MD www-sonatype-com-3567 232 8 not not RB www-sonatype-com-3567 232 9 only only RB www-sonatype-com-3567 232 10 improve improve VB www-sonatype-com-3567 232 11 code code NN www-sonatype-com-3567 232 12 quality quality NN www-sonatype-com-3567 232 13 , , , www-sonatype-com-3567 232 14 but but CC www-sonatype-com-3567 232 15 can can MD www-sonatype-com-3567 232 16 accelerate accelerate VB www-sonatype-com-3567 232 17 mean mean JJ www-sonatype-com-3567 232 18 time time NN www-sonatype-com-3567 232 19 to to TO www-sonatype-com-3567 232 20 repair repair VB www-sonatype-com-3567 232 21 when when WRB www-sonatype-com-3567 232 22 suppliers supplier NNS www-sonatype-com-3567 232 23 discover discover VBP www-sonatype-com-3567 232 24 new new JJ www-sonatype-com-3567 232 25 defects defect NNS www-sonatype-com-3567 232 26 or or CC www-sonatype-com-3567 232 27 vulnerabilities vulnerability NNS www-sonatype-com-3567 232 28 . . . www-sonatype-com-3567 233 1 Chapter chapter NN www-sonatype-com-3567 233 2 4 4 CD www-sonatype-com-3567 233 3 will will MD www-sonatype-com-3567 233 4 further further RB www-sonatype-com-3567 233 5 explore explore VB www-sonatype-com-3567 233 6 the the DT www-sonatype-com-3567 233 7 impact impact NN www-sonatype-com-3567 233 8 of of IN www-sonatype-com-3567 233 9 OSS oss NN www-sonatype-com-3567 233 10 component component NN www-sonatype-com-3567 233 11 selection selection NN www-sonatype-com-3567 233 12 on on IN www-sonatype-com-3567 233 13 overall overall JJ www-sonatype-com-3567 233 14 application application NN www-sonatype-com-3567 233 15 quality quality NN www-sonatype-com-3567 233 16 . . . 
www-sonatype-com-3567 235 53 CHAPTER chapter NN
www-sonatype-com-3567 235 54 4 4 CD www-sonatype-com-3567 235 55 How how WRB www-sonatype-com-3567 235 56 High high JJ www-sonatype-com-3567 235 57 Performance performance NN www-sonatype-com-3567 235 58 Teams team NNS www-sonatype-com-3567 235 59 Manage manage VBP www-sonatype-com-3567 235 60 Open open JJ www-sonatype-com-3567 235 61 Source source NN www-sonatype-com-3567 235 62 Software Software NNP www-sonatype-com-3567 235 63 Supply Supply NNP www-sonatype-com-3567 235 64 Chains Chains NNPS www-sonatype-com-3567 235 65 Telecommunications Telecommunications NNP www-sonatype-com-3567 235 66 Consulting Consulting NNP www-sonatype-com-3567 235 67 Services Services NNPS www-sonatype-com-3567 235 68 Government Government NNP www-sonatype-com-3567 235 69 Technology Technology NNP www-sonatype-com-3567 235 70 Banking Banking NNP www-sonatype-com-3567 235 71 and and CC www-sonatype-com-3567 235 72 Financial Financial NNP www-sonatype-com-3567 235 73 Services Services NNP www-sonatype-com-3567 235 74 40 40 CD www-sonatype-com-3567 235 75 % % NN www-sonatype-com-3567 235 76 8 8 CD www-sonatype-com-3567 235 77 % % NN www-sonatype-com-3567 235 78 11 11 CD www-sonatype-com-3567 235 79 % % NN www-sonatype-com-3567 235 80 6 6 CD www-sonatype-com-3567 235 81 % % NN www-sonatype-com-3567 235 82 6 6 CD www-sonatype-com-3567 235 83 % % NN www-sonatype-com-3567 235 84 Other other JJ www-sonatype-com-3567 235 85 9 9 CD www-sonatype-com-3567 235 86 % % NN www-sonatype-com-3567 235 87 Retail retail NN www-sonatype-com-3567 235 88 3 3 CD www-sonatype-com-3567 235 89 % % NN www-sonatype-com-3567 235 90 Healthcare Healthcare NNP www-sonatype-com-3567 235 91 4 4 CD www-sonatype-com-3567 235 92 % % NN www-sonatype-com-3567 235 93 Education Education NNP www-sonatype-com-3567 235 94 3 3 CD www-sonatype-com-3567 235 95 % % NN www-sonatype-com-3567 235 96 Media Media NNP www-sonatype-com-3567 235 97 and and CC www-sonatype-com-3567 235 98 Entertainment Entertainment NNP www-sonatype-com-3567 
235 99 3 3 CD www-sonatype-com-3567 235 100 % % NN www-sonatype-com-3567 235 101 Manufacturing manufacturing NN www-sonatype-com-3567 235 102 2 2 CD www-sonatype-com-3567 235 103 % % NN www-sonatype-com-3567 235 104 Insurance insurance NN www-sonatype-com-3567 235 105 4 4 CD www-sonatype-com-3567 235 106 % % NN www-sonatype-com-3567 235 107 Industry industry NN www-sonatype-com-3567 235 108 Verticals vertical NNS www-sonatype-com-3567 235 109 Analyzed analyze VBN www-sonatype-com-3567 235 110 for for IN www-sonatype-com-3567 235 111 OSS OSS NNP www-sonatype-com-3567 235 112 Component Component NNP www-sonatype-com-3567 235 113 - - HYPH www-sonatype-com-3567 235 114 Based base VBN www-sonatype-com-3567 235 115 Development Development NNP www-sonatype-com-3567 235 116 Practices Practices NNPS www-sonatype-com-3567 235 117 Analyzing analyze VBG www-sonatype-com-3567 235 118 the the DT www-sonatype-com-3567 235 119 performance performance NN www-sonatype-com-3567 235 120 and and CC www-sonatype-com-3567 235 121 security security NN www-sonatype-com-3567 235 122 of of IN www-sonatype-com-3567 235 123 open open JJ www-sonatype-com-3567 235 124 source source NN www-sonatype-com-3567 235 125 component component NN www-sonatype-com-3567 235 126 - - HYPH www-sonatype-com-3567 235 127 based base VBN www-sonatype-com-3567 235 128 software software NN www-sonatype-com-3567 235 129 development development NN www-sonatype-com-3567 235 130 is be VBZ www-sonatype-com-3567 235 131 made make VBN www-sonatype-com-3567 235 132 easier easy JJR www-sonatype-com-3567 235 133 because because IN www-sonatype-com-3567 235 134 , , , www-sonatype-com-3567 235 135 similar similar JJ www-sonatype-com-3567 235 136 to to IN www-sonatype-com-3567 235 137 manufacturing manufacture VBG www-sonatype-com-3567 235 138 supply supply NN www-sonatype-com-3567 235 139 chains chain NNS www-sonatype-com-3567 235 140 , , , www-sonatype-com-3567 235 141 the the DT www-sonatype-com-3567 235 142 inventory 
inventory NN www-sonatype-com-3567 235 143 is be VBZ www-sonatype-com-3567 235 144 visible visible JJ www-sonatype-com-3567 235 145 . . .
www-sonatype-com-3567 237 1 For for IN www-sonatype-com-3567 237 2 this this DT www-sonatype-com-3567 237 3 year year NN www-sonatype-com-3567 237 4 ’s ’s POS www-sonatype-com-3567 237 5 report report NN www-sonatype-com-3567 237 6 , , , www-sonatype-com-3567 237 7 we -PRON- PRP www-sonatype-com-3567 237 8 expanded expand VBD www-sonatype-com-3567 237 9 our -PRON- PRP$ www-sonatype-com-3567 237 10 survey survey NN www-sonatype-com-3567 237 11 of of IN www-sonatype-com-3567 237 12 OSS OSS NNP www-sonatype-com-3567 237 13 component component NN www-sonatype-com-3567 237 14 - - HYPH www-sonatype-com-3567 237 15 based base VBN www-sonatype-com-3567 237 16 development development NN www-sonatype-com-3567 237 17 practices practice NNS www-sonatype-com-3567 237 18 to to TO www-sonatype-com-3567 237 19 include include VB www-sonatype-com-3567 237 20 679 679 CD www-sonatype-com-3567 237 21 engineering engineering NN www-sonatype-com-3567 237 22 professionals professional NNS www-sonatype-com-3567 237 23 employed employ VBN www-sonatype-com-3567 237 24 in in IN www-sonatype-com-3567 237 25 commercial commercial JJ www-sonatype-com-3567 237 26 roles role NNS www-sonatype-com-3567 237 27 . . . www-sonatype-com-3567 238 1 We -PRON- PRP www-sonatype-com-3567 238 2 inquired inquire VBD www-sonatype-com-3567 238 3 about about IN www-sonatype-com-3567 238 4 software software NN www-sonatype-com-3567 238 5 delivery delivery NN www-sonatype-com-3567 238 6 outcomes outcome NNS www-sonatype-com-3567 238 7 ( ( -LRB- www-sonatype-com-3567 238 8 e.g. e.g. 
RB www-sonatype-com-3567 238 9 , , , www-sonatype-com-3567 238 10 deployment deployment NN www-sonatype-com-3567 238 11 frequency frequency NN www-sonatype-com-3567 238 12 , , , www-sonatype-com-3567 238 13 security security NN www-sonatype-com-3567 238 14 , , , www-sonatype-com-3567 238 15 engineering engineering NN www-sonatype-com-3567 238 16 productivity productivity NN www-sonatype-com-3567 238 17 , , , www-sonatype-com-3567 238 18 job job NN www-sonatype-com-3567 238 19 satisfaction satisfaction NN www-sonatype-com-3567 238 20 ) ) -RRB- www-sonatype-com-3567 238 21 and and CC www-sonatype-com-3567 238 22 practices practice NNS www-sonatype-com-3567 238 23 ( ( -LRB- www-sonatype-com-3567 238 24 e.g. e.g. RB www-sonatype-com-3567 238 25 , , , www-sonatype-com-3567 238 26 approaches approach NNS www-sonatype-com-3567 238 27 and and CC www-sonatype-com-3567 238 28 philosophies philosophy NNS www-sonatype-com-3567 238 29 to to IN www-sonatype-com-3567 238 30 utilizing utilize VBG www-sonatype-com-3567 238 31 open open JJ www-sonatype-com-3567 238 32 source source NN www-sonatype-com-3567 238 33 components component NNS www-sonatype-com-3567 238 34 , , , www-sonatype-com-3567 238 35 organizational organizational JJ www-sonatype-com-3567 238 36 design design NN www-sonatype-com-3567 238 37 , , , www-sonatype-com-3567 238 38 governance governance NN www-sonatype-com-3567 238 39 , , , www-sonatype-com-3567 238 40 approval approval NN www-sonatype-com-3567 238 41 processes process NNS www-sonatype-com-3567 238 42 , , , www-sonatype-com-3567 238 43 and and CC www-sonatype-com-3567 238 44 tooling tooling NN www-sonatype-com-3567 238 45 ) ) -RRB- www-sonatype-com-3567 238 46 . . . 
www-sonatype-com-3567 239 1 The the DT www-sonatype-com-3567 239 2 goal goal NN www-sonatype-com-3567 239 3 was be VBD www-sonatype-com-3567 239 4 to to TO www-sonatype-com-3567 239 5 discover discover VB www-sonatype-com-3567 239 6 to to IN www-sonatype-com-3567 239 7 what what WDT www-sonatype-com-3567 239 8 extent extent NN www-sonatype-com-3567 239 9 various various JJ www-sonatype-com-3567 239 10 practices practice NNS www-sonatype-com-3567 239 11 contribute contribute VBP www-sonatype-com-3567 239 12 to to IN www-sonatype-com-3567 239 13 success success NN www-sonatype-com-3567 239 14 . . . www-sonatype-com-3567 240 1 To to TO www-sonatype-com-3567 240 2 assess assess VB www-sonatype-com-3567 240 3 this this DT www-sonatype-com-3567 240 4 , , , www-sonatype-com-3567 240 5 we -PRON- PRP www-sonatype-com-3567 240 6 performed perform VBD www-sonatype-com-3567 240 7 a a DT www-sonatype-com-3567 240 8 number number NN www-sonatype-com-3567 240 9 of of IN www-sonatype-com-3567 240 10 analyses analysis NNS www-sonatype-com-3567 240 11 including include VBG www-sonatype-com-3567 240 12 fitting fitting JJ www-sonatype-com-3567 240 13 regression regression NN www-sonatype-com-3567 240 14 models model NNS www-sonatype-com-3567 240 15 to to IN www-sonatype-com-3567 240 16 the the DT www-sonatype-com-3567 240 17 data datum NNS www-sonatype-com-3567 240 18 , , , www-sonatype-com-3567 240 19 clustering clustering NN www-sonatype-com-3567 240 20 , , , www-sonatype-com-3567 240 21 and and CC www-sonatype-com-3567 240 22 examining examine VBG www-sonatype-com-3567 240 23 statistically statistically RB www-sonatype-com-3567 240 24 - - HYPH www-sonatype-com-3567 240 25 significant significant JJ www-sonatype-com-3567 240 26 between- between- . www-sonatype-com-3567 240 27 group group NN www-sonatype-com-3567 240 28 effects effect NNS www-sonatype-com-3567 240 29 . . . 
www-sonatype-com-3567 241 1 We -PRON- PRP www-sonatype-com-3567 241 2 believe believe VBP www-sonatype-com-3567 241 3 the the DT www-sonatype-com-3567 241 4 results result NNS www-sonatype-com-3567 241 5 we -PRON- PRP www-sonatype-com-3567 241 6 found find VBD www-sonatype-com-3567 241 7 can can MD www-sonatype-com-3567 241 8 help help VB www-sonatype-com-3567 241 9 organi- organi- NN www-sonatype-com-3567 241 10 zations zation NNS www-sonatype-com-3567 241 11 evaluate evaluate VB www-sonatype-com-3567 241 12 their -PRON- PRP$ www-sonatype-com-3567 241 13 approaches approach NNS www-sonatype-com-3567 241 14 to to IN www-sonatype-com-3567 241 15 using use VBG www-sonatype-com-3567 241 16 open open JJ www-sonatype-com-3567 241 17 source source NN www-sonatype-com-3567 241 18 components component NNS www-sonatype-com-3567 241 19 and and CC www-sonatype-com-3567 241 20 improve improve VB www-sonatype-com-3567 241 21 the the DT www-sonatype-com-3567 241 22 performance performance NN www-sonatype-com-3567 241 23 and and CC www-sonatype-com-3567 241 24 security security NN www-sonatype-com-3567 241 25 of of IN www-sonatype-com-3567 241 26 their -PRON- PRP$ www-sonatype-com-3567 241 27 software software NN www-sonatype-com-3567 241 28 delivery delivery NN www-sonatype-com-3567 241 29 practices practice NNS www-sonatype-com-3567 241 30 . . . 
www-sonatype-com-3567 242 1 Survey survey NN www-sonatype-com-3567 242 2 of of IN www-sonatype-com-3567 242 3 Open Open NNP www-sonatype-com-3567 242 4 Source Source NNP www-sonatype-com-3567 242 5 Management Management NNP www-sonatype-com-3567 242 6 Practices Practices NNPS www-sonatype-com-3567 242 7 We -PRON- PRP www-sonatype-com-3567 242 8 created create VBD www-sonatype-com-3567 242 9 a a DT www-sonatype-com-3567 242 10 survey survey NN www-sonatype-com-3567 242 11 with with IN www-sonatype-com-3567 242 12 41 41 CD www-sonatype-com-3567 242 13 questions question NNS www-sonatype-com-3567 242 14 , , , www-sonatype-com-3567 242 15 exploring explore VBG www-sonatype-com-3567 242 16 ten ten CD www-sonatype-com-3567 242 17 areas area NNS www-sonatype-com-3567 242 18 of of IN www-sonatype-com-3567 242 19 software software NN www-sonatype-com-3567 242 20 outcomes outcome NNS www-sonatype-com-3567 242 21 ( ( -LRB- www-sonatype-com-3567 242 22 dependent dependent JJ www-sonatype-com-3567 242 23 vari- vari- NNP www-sonatype-com-3567 242 24 ables ables NNP www-sonatype-com-3567 242 25 ) ) -RRB- www-sonatype-com-3567 242 26 , , , www-sonatype-com-3567 242 27 and and CC www-sonatype-com-3567 242 28 twenty twenty CD www-sonatype-com-3567 242 29 - - HYPH www-sonatype-com-3567 242 30 four four CD www-sonatype-com-3567 242 31 areas area NNS www-sonatype-com-3567 242 32 of of IN www-sonatype-com-3567 242 33 software software NN www-sonatype-com-3567 242 34 practices practice NNS www-sonatype-com-3567 242 35 , , , www-sonatype-com-3567 242 36 tooling tooling NN www-sonatype-com-3567 242 37 , , , www-sonatype-com-3567 242 38 organization organization NN www-sonatype-com-3567 242 39 , , , www-sonatype-com-3567 242 40 policies policy NNS www-sonatype-com-3567 242 41 , , , www-sonatype-com-3567 242 42 etc etc FW www-sonatype-com-3567 242 43 . . . 
www-sonatype-com-3567 243 1 ( ( -LRB- www-sonatype-com-3567 243 2 independent independent JJ www-sonatype-com-3567 243 3 variables variable NNS www-sonatype-com-3567 243 4 ) ) -RRB- www-sonatype-com-3567 243 5 . . . www-sonatype-com-3567 244 1 We -PRON- PRP www-sonatype-com-3567 244 2 obtained obtain VBD www-sonatype-com-3567 244 3 responses response NNS www-sonatype-com-3567 244 4 from from IN www-sonatype-com-3567 244 5 679 679 CD www-sonatype-com-3567 244 6 individuals individual NNS www-sonatype-com-3567 244 7 across across IN www-sonatype-com-3567 244 8 a a DT www-sonatype-com-3567 244 9 wide wide JJ www-sonatype-com-3567 244 10 variety variety NN www-sonatype-com-3567 244 11 of of IN www-sonatype-com-3567 244 12 industry industry NN www-sonatype-com-3567 244 13 verticals vertical NNS www-sonatype-com-3567 244 14 , , , www-sonatype-com-3567 244 15 including include VBG www-sonatype-com-3567 244 16 Banking Banking NNP www-sonatype-com-3567 244 17 , , , www-sonatype-com-3567 244 18 Retail Retail NNP www-sonatype-com-3567 244 19 , , , www-sonatype-com-3567 244 20 Healthcare Healthcare NNP www-sonatype-com-3567 244 21 , , , www-sonatype-com-3567 244 22 and and CC www-sonatype-com-3567 244 23 Government Government NNP www-sonatype-com-3567 244 24 ( ( -LRB- www-sonatype-com-3567 244 25 SEE see UH www-sonatype-com-3567 244 26 FIGURE FIGURE NNP www-sonatype-com-3567 244 27 4A 4A NNS www-sonatype-com-3567 244 28 ) ) -RRB- www-sonatype-com-3567 244 29 . . . 
www-sonatype-com-3567 245 1 Organizations organization NNS www-sonatype-com-3567 245 2 of of IN www-sonatype-com-3567 245 3 all all DT www-sonatype-com-3567 245 4 sizes size NNS www-sonatype-com-3567 245 5 were be VBD www-sonatype-com-3567 245 6 repre- repre- JJ www-sonatype-com-3567 245 7 sented sente VBN www-sonatype-com-3567 245 8 , , , www-sonatype-com-3567 245 9 ranging range VBG www-sonatype-com-3567 245 10 from from IN www-sonatype-com-3567 245 11 10-developer 10-developer CD www-sonatype-com-3567 245 12 organizations organization NNS www-sonatype-com-3567 245 13 to to IN www-sonatype-com-3567 245 14 companies company NNS www-sonatype-com-3567 245 15 with with IN www-sonatype-com-3567 245 16 more more JJR www-sonatype-com-3567 245 17 than than IN www-sonatype-com-3567 245 18 5,000 5,000 CD www-sonatype-com-3567 245 19 developers developer NNS www-sonatype-com-3567 245 20 . . . www-sonatype-com-3567 246 1 63 63 CD www-sonatype-com-3567 246 2 % % NN www-sonatype-com-3567 246 3 of of IN www-sonatype-com-3567 246 4 respondents respondent NNS www-sonatype-com-3567 246 5 were be VBD www-sonatype-com-3567 246 6 individual individual JJ www-sonatype-com-3567 246 7 contributors contributor NNS www-sonatype-com-3567 246 8 or or CC www-sonatype-com-3567 246 9 team team NN www-sonatype-com-3567 246 10 leads lead VBZ www-sonatype-com-3567 246 11 , , , www-sonatype-com-3567 246 12 while while IN www-sonatype-com-3567 246 13 37 37 CD www-sonatype-com-3567 246 14 % % NN www-sonatype-com-3567 246 15 were be VBD www-sonatype-com-3567 246 16 managers manager NNS www-sonatype-com-3567 246 17 , , , www-sonatype-com-3567 246 18 VPs vp NNS www-sonatype-com-3567 246 19 , , , www-sonatype-com-3567 246 20 or or CC www-sonatype-com-3567 246 21 execu- execu- VBG www-sonatype-com-3567 246 22 tives tive NNS www-sonatype-com-3567 246 23 . . . 
www-sonatype-com-3567 247 1 Participants participant NNS www-sonatype-com-3567 247 2 achieved achieve VBD www-sonatype-com-3567 247 3 a a DT www-sonatype-com-3567 247 4 75 75 CD www-sonatype-com-3567 247 5 % % NN www-sonatype-com-3567 247 6 completion completion NN www-sonatype-com-3567 247 7 rate rate NN www-sonatype-com-3567 247 8 , , , www-sonatype-com-3567 247 9 defined define VBN www-sonatype-com-3567 247 10 as as IN www-sonatype-com-3567 247 11 respondents respondent NNS www-sonatype-com-3567 247 12 that that WDT www-sonatype-com-3567 247 13 answered answer VBD www-sonatype-com-3567 247 14 all all DT www-sonatype-com-3567 247 15 of of IN www-sonatype-com-3567 247 16 the the DT www-sonatype-com-3567 247 17 questions question NNS www-sonatype-com-3567 247 18 that that WDT www-sonatype-com-3567 247 19 fed feed VBD www-sonatype-com-3567 247 20 into into IN www-sonatype-com-3567 247 21 our -PRON- PRP$ www-sonatype-com-3567 247 22 statistical statistical JJ www-sonatype-com-3567 247 23 data data NN www-sonatype-com-3567 247 24 analysis analysis NN www-sonatype-com-3567 247 25 . . . 
www-sonatype-com-3567 248 1 Cluster Cluster NNP www-sonatype-com-3567 248 2 Analysis Analysis NNP www-sonatype-com-3567 248 3 and and CC www-sonatype-com-3567 248 4 Findings Findings NNPS www-sonatype-com-3567 248 5 To to TO www-sonatype-com-3567 248 6 identify identify VB www-sonatype-com-3567 248 7 cohorts cohort NNS www-sonatype-com-3567 248 8 with with IN www-sonatype-com-3567 248 9 similar similar JJ www-sonatype-com-3567 248 10 reported report VBN www-sonatype-com-3567 248 11 outcomes outcome NNS www-sonatype-com-3567 248 12 , , , www-sonatype-com-3567 248 13 and and CC www-sonatype-com-3567 248 14 identify identify VB www-sonatype-com-3567 248 15 high high JJ www-sonatype-com-3567 248 16 and and CC www-sonatype-com-3567 248 17 low low JJ www-sonatype-com-3567 248 18 performers performer NNS www-sonatype-com-3567 248 19 , , , www-sonatype-com-3567 248 20 we -PRON- PRP www-sonatype-com-3567 248 21 used use VBD www-sonatype-com-3567 248 22 a a DT www-sonatype-com-3567 248 23 cluster cluster NN www-sonatype-com-3567 248 24 analysis.27 analysis.27 NNP www-sonatype-com-3567 248 25 We -PRON- PRP www-sonatype-com-3567 248 26 found find VBD www-sonatype-com-3567 248 27 four four CD www-sonatype-com-3567 248 28 clusters cluster NNS www-sonatype-com-3567 248 29 with with IN www-sonatype-com-3567 248 30 markedly markedly RB www-sonatype-com-3567 248 31 different different JJ www-sonatype-com-3567 248 32 levels level NNS www-sonatype-com-3567 248 33 of of IN www-sonatype-com-3567 248 34 performance performance NN www-sonatype-com-3567 248 35 , , , www-sonatype-com-3567 248 36 with with IN www-sonatype-com-3567 248 37 different different JJ www-sonatype-com-3567 248 38 patterns pattern NNS www-sonatype-com-3567 248 39 of of IN www-sonatype-com-3567 248 40 practices practice NNS www-sonatype-com-3567 248 41 , , , www-sonatype-com-3567 248 42 and and CC www-sonatype-com-3567 248 43 with with IN www-sonatype-com-3567 248 44 almost almost RB www-sonatype-com-3567 248 45 all 
all DT www-sonatype-com-3567 248 46 factors factor NNS www-sonatype-com-3567 248 47 being be VBG www-sonatype-com-3567 248 48 statistically statistically RB www-sonatype-com-3567 248 49 different different JJ www-sonatype-com-3567 248 50 . . . www-sonatype-com-3567 249 1 We -PRON- PRP www-sonatype-com-3567 249 2 labeled label VBD www-sonatype-com-3567 249 3 them -PRON- PRP www-sonatype-com-3567 249 4 as as IN www-sonatype-com-3567 249 5 follows follow VBZ www-sonatype-com-3567 249 6 : : : www-sonatype-com-3567 249 7 FIGURE FIGURE NNP www-sonatype-com-3567 249 8 4A 4a NN www-sonatype-com-3567 249 9 Industry Industry NNP www-sonatype-com-3567 249 10 Verticals Verticals NNPS www-sonatype-com-3567 249 11 Analyzed analyze VBN www-sonatype-com-3567 249 12 for for IN www-sonatype-com-3567 249 13 OSS OSS NNP www-sonatype-com-3567 249 14 Component Component NNP www-sonatype-com-3567 249 15 - - HYPH www-sonatype-com-3567 249 16 Based Based NNP www-sonatype-com-3567 249 17 Development Development NNP www-sonatype-com-3567 249 18 Practices Practices NNPS www-sonatype-com-3567 249 19 C C NNP www-sonatype-com-3567 249 20 H h NN www-sonatype-com-3567 249 21 A a NN www-sonatype-com-3567 249 22 P p NN www-sonatype-com-3567 249 23 T t NN www-sonatype-com-3567 249 24 E e NN www-sonatype-com-3567 249 25 R r NN www-sonatype-com-3567 249 26 4 4 CD www-sonatype-com-3567 249 27 : : : www-sonatype-com-3567 249 28 H h NN www-sonatype-com-3567 249 29 O o NN www-sonatype-com-3567 249 30 W w NN www-sonatype-com-3567 249 31 H h NN www-sonatype-com-3567 249 32 IG ig NN www-sonatype-com-3567 249 33 H h NN www-sonatype-com-3567 249 34 P p NN www-sonatype-com-3567 249 35 E e NN www-sonatype-com-3567 249 36 R r NN www-sonatype-com-3567 249 37 F f NN www-sonatype-com-3567 249 38 O o NN www-sonatype-com-3567 249 39 R r NN www-sonatype-com-3567 249 40 M m NN www-sonatype-com-3567 249 41 A A NNP www-sonatype-com-3567 249 42 N n NN www-sonatype-com-3567 249 43 C c NN www-sonatype-com-3567 249 44 E e NN 
www-sonatype-com-3567 249 45 T t NN www-sonatype-com-3567 249 46 E e NN www-sonatype-com-3567 249 47 A a NN www-sonatype-com-3567 249 48 M m NN www-sonatype-com-3567 249 49 S s NN www-sonatype-com-3567 249 50 M M NNP www-sonatype-com-3567 249 51 A A NNP www-sonatype-com-3567 249 52 N N NNP www-sonatype-com-3567 249 53 A a NN www-sonatype-com-3567 249 54 G g NN www-sonatype-com-3567 249 55 E e NN www-sonatype-com-3567 249 56 O o NN www-sonatype-com-3567 249 57 P p NN www-sonatype-com-3567 249 58 E e NN www-sonatype-com-3567 249 59 N n NN www-sonatype-com-3567 249 60 S s NN www-sonatype-com-3567 249 61 O o NN www-sonatype-com-3567 249 62 U u NN www-sonatype-com-3567 249 63 R r NN www-sonatype-com-3567 249 64 C c NN www-sonatype-com-3567 249 65 E e NN www-sonatype-com-3567 249 66 S s NN www-sonatype-com-3567 249 67 O o NN www-sonatype-com-3567 249 68 F f NN www-sonatype-com-3567 249 69 T t NN www-sonatype-com-3567 249 70 W w NN www-sonatype-com-3567 249 71 A a NN www-sonatype-com-3567 249 72 R r NN www-sonatype-com-3567 249 73 E e NN www-sonatype-com-3567 249 74 S s NN www-sonatype-com-3567 249 75 U u NN www-sonatype-com-3567 249 76 P p NN www-sonatype-com-3567 249 77 P p NN www-sonatype-com-3567 249 78 LY ly NN www-sonatype-com-3567 249 79 C c NN www-sonatype-com-3567 249 80 H h NN www-sonatype-com-3567 249 81 A a NN www-sonatype-com-3567 249 82 IN in NN www-sonatype-com-3567 249 83 212020 212020 CD www-sonatype-com-3567 249 84 STATE STATE NNP www-sonatype-com-3567 249 85 OF of IN www-sonatype-com-3567 249 86 THE the DT www-sonatype-com-3567 249 87 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 249 88 SUPPLY supply NN www-sonatype-com-3567 249 89 CHAIN CHAIN NNP www-sonatype-com-3567 249 90 REPORT REPORT NNP www-sonatype-com-3567 249 91 −4 −4 NNP www-sonatype-com-3567 249 92 −2−3 −2−3 NNP www-sonatype-com-3567 249 93 −1 −1 NNP www-sonatype-com-3567 249 94 0 0 CD www-sonatype-com-3567 249 95 21 21 CD www-sonatype-com-3567 249 96 43 43 CD www-sonatype-com-3567 249 97 −5 
−5 CD www-sonatype-com-3567 249 98 −4 −4 CD www-sonatype-com-3567 249 99 −3 −3 NNP www-sonatype-com-3567 249 100 −2 −2 NNP www-sonatype-com-3567 249 101 −1 −1 NNP www-sonatype-com-3567 249 102 0 0 CD www-sonatype-com-3567 249 103 1 1 CD www-sonatype-com-3567 249 104 2 2 CD www-sonatype-com-3567 249 105 3 3 CD www-sonatype-com-3567 249 106 4 4 CD www-sonatype-com-3567 249 107 R r NN www-sonatype-com-3567 249 108 IS is IN www-sonatype-com-3567 249 109 K k NN www-sonatype-com-3567 249 110 M M NNP www-sonatype-com-3567 249 111 A A NNP www-sonatype-com-3567 249 112 N N NNP www-sonatype-com-3567 249 113 A a NN www-sonatype-com-3567 249 114 G g NN www-sonatype-com-3567 249 115 E e NN www-sonatype-com-3567 249 116 M m NN www-sonatype-com-3567 249 117 E e NN www-sonatype-com-3567 249 118 N n NN www-sonatype-com-3567 249 119 T t NN www-sonatype-com-3567 249 120 O o NN www-sonatype-com-3567 249 121 U u NN www-sonatype-com-3567 249 122 T t NN www-sonatype-com-3567 249 123 C c NN www-sonatype-com-3567 249 124 O o NN www-sonatype-com-3567 249 125 M m NN www-sonatype-com-3567 249 126 E e NN www-sonatype-com-3567 249 127 S S NNP www-sonatype-com-3567 249 128 LOW LOW NNP www-sonatype-com-3567 249 129 PERFORMERS performer NNS www-sonatype-com-3567 249 130 PRODUCTIVITY PRODUCTIVITY NNP www-sonatype-com-3567 249 131 FIRST first RB www-sonatype-com-3567 249 132 HIGH high JJ www-sonatype-com-3567 249 133 PERFORMERS performer NNS www-sonatype-com-3567 249 134 PRODUCTIVITY PRODUCTIVITY NNS www-sonatype-com-3567 249 135 OF of IN www-sonatype-com-3567 249 136 DEVELOPMENT development NN www-sonatype-com-3567 249 137 TEAMS team NNS www-sonatype-com-3567 249 138 SECURITY SECURITY NNP www-sonatype-com-3567 249 139 FIRST FIRST NNP www-sonatype-com-3567 249 140 Measuring Measuring NNP www-sonatype-com-3567 249 141 Risk Risk NNP www-sonatype-com-3567 249 142 Management Management NNP www-sonatype-com-3567 249 143 vs. vs. 
IN www-sonatype-com-3567 250 1 Productivity Productivity NNP www-sonatype-com-3567 250 2 Outcomes Outcomes NNPS www-sonatype-com-3567 250 3 FIGURE figure VBP www-sonatype-com-3567 250 4 4B 4b NN www-sonatype-com-3567 250 5 Measuring Measuring NNP www-sonatype-com-3567 250 6 Risk Risk NNP www-sonatype-com-3567 250 7 Management Management NNP www-sonatype-com-3567 250 8 vs. vs. IN www-sonatype-com-3567 251 1 Productivity Productivity NNP www-sonatype-com-3567 251 2 Outcomes Outcomes NNP www-sonatype-com-3567 251 3 ⊲ ⊲ CD www-sonatype-com-3567 251 4 High High NNP www-sonatype-com-3567 251 5 Performers Performers NNPS www-sonatype-com-3567 251 6 : : : www-sonatype-com-3567 251 7 high high JJ www-sonatype-com-3567 251 8 productivity productivity NN www-sonatype-com-3567 251 9 , , , www-sonatype-com-3567 251 10 great great JJ www-sonatype-com-3567 251 11 risk risk NN www-sonatype-com-3567 251 12 management management NN www-sonatype-com-3567 251 13 outcomes outcome NNS www-sonatype-com-3567 251 14 ( ( -LRB- www-sonatype-com-3567 251 15 N=151 n=151 NN www-sonatype-com-3567 251 16 ) ) -RRB- www-sonatype-com-3567 251 17 ⊲ ⊲ CD www-sonatype-com-3567 251 18 Low Low NNP www-sonatype-com-3567 251 19 Performers Performers NNPS www-sonatype-com-3567 251 20 : : : www-sonatype-com-3567 251 21 low low JJ www-sonatype-com-3567 251 22 productivity productivity NN www-sonatype-com-3567 251 23 , , , www-sonatype-com-3567 251 24 poor poor JJ www-sonatype-com-3567 251 25 risk risk NN www-sonatype-com-3567 251 26 management management NN www-sonatype-com-3567 251 27 outcomes outcome NNS www-sonatype-com-3567 251 28 ( ( -LRB- www-sonatype-com-3567 251 29 N=107 N=107 NNP www-sonatype-com-3567 251 30 ) ) -RRB- www-sonatype-com-3567 251 31 ⊲ ⊲ NNP www-sonatype-com-3567 251 32 Security Security NNP www-sonatype-com-3567 251 33 First first RB www-sonatype-com-3567 251 34 : : : www-sonatype-com-3567 251 35 low low JJ www-sonatype-com-3567 251 36 productivity productivity NN www-sonatype-com-3567 
251 37 , , , www-sonatype-com-3567 251 38 great great JJ www-sonatype-com-3567 251 39 risk risk NN www-sonatype-com-3567 251 40 man- man- IN www-sonatype-com-3567 251 41 agement agement NN www-sonatype-com-3567 251 42 outcomes outcome NNS www-sonatype-com-3567 251 43 ( ( -LRB- www-sonatype-com-3567 251 44 N=167 N=167 NNP www-sonatype-com-3567 251 45 ) ) -RRB- www-sonatype-com-3567 251 46 ⊲ ⊲ CD www-sonatype-com-3567 251 47 Productivity Productivity NNP www-sonatype-com-3567 251 48 First first RB www-sonatype-com-3567 251 49 : : : www-sonatype-com-3567 251 50 high high JJ www-sonatype-com-3567 251 51 productivity productivity NN www-sonatype-com-3567 251 52 , , , www-sonatype-com-3567 251 53 poor poor JJ www-sonatype-com-3567 251 54 risk risk NN www-sonatype-com-3567 251 55 management management NN www-sonatype-com-3567 251 56 outcomes outcome NNS www-sonatype-com-3567 251 57 ( ( -LRB- www-sonatype-com-3567 251 58 N=103 n=103 LS www-sonatype-com-3567 251 59 ) ) -RRB- www-sonatype-com-3567 251 60 We -PRON- PRP www-sonatype-com-3567 251 61 can can MD www-sonatype-com-3567 251 62 quickly quickly RB www-sonatype-com-3567 251 63 see see VB www-sonatype-com-3567 251 64 the the DT www-sonatype-com-3567 251 65 different different JJ www-sonatype-com-3567 251 66 characteristics characteristic NNS www-sonatype-com-3567 251 67 of of IN www-sonatype-com-3567 251 68 the the DT www-sonatype-com-3567 251 69 four four CD www-sonatype-com-3567 251 70 clusters cluster NNS www-sonatype-com-3567 251 71 by by IN www-sonatype-com-3567 251 72 projecting project VBG www-sonatype-com-3567 251 73 them -PRON- PRP www-sonatype-com-3567 251 74 onto onto IN www-sonatype-com-3567 251 75 a a DT www-sonatype-com-3567 251 76 quad- quad- JJ www-sonatype-com-3567 251 77 rant rant NN www-sonatype-com-3567 251 78 — — : www-sonatype-com-3567 251 79   _SP www-sonatype-com-3567 251 80 on on IN www-sonatype-com-3567 251 81 one one CD www-sonatype-com-3567 251 82 axis axi NNS www-sonatype-com-3567 251 83 are 
be VBP www-sonatype-com-3567 251 84 all all PDT www-sonatype-com-3567 251 85 the the DT www-sonatype-com-3567 251 86 productivity productivity NN www-sonatype-com-3567 251 87 - - HYPH www-sonatype-com-3567 251 88 related relate VBN www-sonatype-com-3567 251 89 outcomes outcome NNS www-sonatype-com-3567 251 90 combined combine VBN www-sonatype-com-3567 251 91 into into IN www-sonatype-com-3567 251 92 a a DT www-sonatype-com-3567 251 93 single single JJ www-sonatype-com-3567 251 94 dimension dimension NN www-sonatype-com-3567 251 95 , , , www-sonatype-com-3567 251 96 and and CC www-sonatype-com-3567 251 97 on on IN www-sonatype-com-3567 251 98 the the DT www-sonatype-com-3567 251 99 other other JJ www-sonatype-com-3567 251 100 are be VBP www-sonatype-com-3567 251 101 the the DT www-sonatype-com-3567 251 102 risk risk NN www-sonatype-com-3567 251 103 management management NN www-sonatype-com-3567 251 104 outcomes outcome NNS www-sonatype-com-3567 251 105 combined combine VBN www-sonatype-com-3567 251 106 into into IN www-sonatype-com-3567 251 107 a a DT www-sonatype-com-3567 251 108 single single JJ www-sonatype-com-3567 251 109 dimension dimension NN www-sonatype-com-3567 251 110 ( ( -LRB- www-sonatype-com-3567 251 111 both both DT www-sonatype-com-3567 251 112 using use VBG www-sonatype-com-3567 251 113 principal principal JJ www-sonatype-com-3567 251 114 components component NNS www-sonatype-com-3567 251 115 analysis analysis NN www-sonatype-com-3567 251 116 ) ) -RRB- www-sonatype-com-3567 251 117 . . . 
www-sonatype-com-3567 252 1 The the DT www-sonatype-com-3567 252 2 resulting result VBG www-sonatype-com-3567 252 3 graph graph NN www-sonatype-com-3567 252 4 ( ( -LRB- www-sonatype-com-3567 252 5 FIGURE FIGURE NNP www-sonatype-com-3567 252 6 4B 4b NN www-sonatype-com-3567 252 7 ) ) -RRB- www-sonatype-com-3567 252 8 identifies identify VBZ www-sonatype-com-3567 252 9 a a DT www-sonatype-com-3567 252 10 High High NNP www-sonatype-com-3567 252 11 Performers Performers NNP www-sonatype-com-3567 252 12 cluster cluster NN www-sonatype-com-3567 252 13 ( ( -LRB- www-sonatype-com-3567 252 14 purple purple JJ www-sonatype-com-3567 252 15 , , , www-sonatype-com-3567 252 16 upper upper JJ www-sonatype-com-3567 252 17 right right NN www-sonatype-com-3567 252 18 ) ) -RRB- www-sonatype-com-3567 252 19 who who WP www-sonatype-com-3567 252 20 demonstrate demonstrate VBP www-sonatype-com-3567 252 21 superior superior JJ www-sonatype-com-3567 252 22 risk risk NN www-sonatype-com-3567 252 23 management management NN www-sonatype-com-3567 252 24 outcomes outcome NNS www-sonatype-com-3567 252 25 while while IN www-sonatype-com-3567 252 26 maintaining maintain VBG www-sonatype-com-3567 252 27 high high JJ www-sonatype-com-3567 252 28 levels level NNS www-sonatype-com-3567 252 29 of of IN www-sonatype-com-3567 252 30 productivity productivity NN www-sonatype-com-3567 252 31 . . . 
www-sonatype-com-3567 253 1 The the DT www-sonatype-com-3567 253 2 Low Low NNP www-sonatype-com-3567 253 3 Performers Performers NNPS www-sonatype-com-3567 253 4 cluster cluster NN www-sonatype-com-3567 253 5 ( ( -LRB- www-sonatype-com-3567 253 6 red red NN www-sonatype-com-3567 253 7 , , , www-sonatype-com-3567 253 8 lower lower RBR www-sonatype-com-3567 253 9 left left JJ www-sonatype-com-3567 253 10 ) ) -RRB- www-sonatype-com-3567 253 11 identifies identify VBZ www-sonatype-com-3567 253 12 the the DT www-sonatype-com-3567 253 13 opposite opposite JJ www-sonatype-com-3567 253 14 pattern pattern NN www-sonatype-com-3567 253 15 : : : www-sonatype-com-3567 253 16 demonstrating demonstrate VBG www-sonatype-com-3567 253 17 substandard substandard JJ www-sonatype-com-3567 253 18 risk risk NN www-sonatype-com-3567 253 19 management management NN www-sonatype-com-3567 253 20 outcomes outcome NNS www-sonatype-com-3567 253 21 and and CC www-sonatype-com-3567 253 22 low low JJ www-sonatype-com-3567 253 23 levels level NNS www-sonatype-com-3567 253 24 of of IN www-sonatype-com-3567 253 25 productivity productivity NN www-sonatype-com-3567 253 26 . . . 
www-sonatype-com-3567 254 1 The the DT www-sonatype-com-3567 254 2 Security Security NNP www-sonatype-com-3567 254 3 First First NNP www-sonatype-com-3567 254 4 cluster cluster NN www-sonatype-com-3567 254 5 has have VBZ www-sonatype-com-3567 254 6 high high JJ www-sonatype-com-3567 254 7 security security NN www-sonatype-com-3567 254 8 outcomes outcome NNS www-sonatype-com-3567 254 9 , , , www-sonatype-com-3567 254 10 but but CC www-sonatype-com-3567 254 11 low low JJ www-sonatype-com-3567 254 12 productivity productivity NN www-sonatype-com-3567 254 13 , , , www-sonatype-com-3567 254 14 and and CC www-sonatype-com-3567 254 15 the the DT www-sonatype-com-3567 254 16 Productivity Productivity NNP www-sonatype-com-3567 254 17 First first RB www-sonatype-com-3567 254 18 has have VBZ www-sonatype-com-3567 254 19 high high JJ www-sonatype-com-3567 254 20 productivity productivity NN www-sonatype-com-3567 254 21 , , , www-sonatype-com-3567 254 22 but but CC www-sonatype-com-3567 254 23 poor poor JJ www-sonatype-com-3567 254 24 security security NN www-sonatype-com-3567 254 25 outcomes outcome NNS www-sonatype-com-3567 254 26 . . . 
www-sonatype-com-3567 255 1 It -PRON- PRP www-sonatype-com-3567 255 2 is be VBZ www-sonatype-com-3567 255 3 important important JJ www-sonatype-com-3567 255 4 to to TO www-sonatype-com-3567 255 5 note note VB www-sonatype-com-3567 255 6 that that IN www-sonatype-com-3567 255 7 the the DT www-sonatype-com-3567 255 8 High High NNP www-sonatype-com-3567 255 9 Performers Performers NNPS www-sonatype-com-3567 255 10 achieved achieve VBD www-sonatype-com-3567 255 11 even even RB www-sonatype-com-3567 255 12 higher high JJR www-sonatype-com-3567 255 13 average average JJ www-sonatype-com-3567 255 14 productivity productivity NN www-sonatype-com-3567 255 15 levels level NNS www-sonatype-com-3567 255 16 than than IN www-sonatype-com-3567 255 17 the the DT www-sonatype-com-3567 255 18 Productivity Productivity NNP www-sonatype-com-3567 255 19 First First NNP www-sonatype-com-3567 255 20 cluster cluster NN www-sonatype-com-3567 255 21 . . . www-sonatype-com-3567 256 1 As as IN www-sonatype-com-3567 256 2 seen see VBN www-sonatype-com-3567 256 3 in in IN www-sonatype-com-3567 256 4 FIGURE FIGURE NNP www-sonatype-com-3567 256 5 4B 4b NN www-sonatype-com-3567 256 6 , , , www-sonatype-com-3567 256 7 the the DT www-sonatype-com-3567 256 8 High High NNP www-sonatype-com-3567 256 9 Performers Performers NNPS www-sonatype-com-3567 256 10 are be VBP www-sonatype-com-3567 256 11 tightly tightly RB www-sonatype-com-3567 256 12 clustered cluster VBN www-sonatype-com-3567 256 13 in in IN www-sonatype-com-3567 256 14 the the DT www-sonatype-com-3567 256 15 upper upper JJ www-sonatype-com-3567 256 16 right right JJ www-sonatype-com-3567 256 17 quadrant quadrant NN www-sonatype-com-3567 256 18 , , , www-sonatype-com-3567 256 19 while while IN www-sonatype-com-3567 256 20 the the DT www-sonatype-com-3567 256 21 Productivity Productivity NNP www-sonatype-com-3567 256 22 First First NNP www-sonatype-com-3567 256 23 group group NN www-sonatype-com-3567 256 24 is be VBZ www-sonatype-com-3567 256 
25 more more RBR www-sonatype-com-3567 256 26 distributed distribute VBN www-sonatype-com-3567 256 27 across across IN www-sonatype-com-3567 256 28 the the DT www-sonatype-com-3567 256 29 bottom bottom NN www-sonatype-com-3567 256 30 left- left- NN www-sonatype-com-3567 256 31 and and CC www-sonatype-com-3567 256 32 right right JJ www-sonatype-com-3567 256 33 - - HYPH www-sonatype-com-3567 256 34 quadrants quadrant NNS www-sonatype-com-3567 256 35 . . . www-sonatype-com-3567 257 1 C c NN www-sonatype-com-3567 257 2 H h NN www-sonatype-com-3567 257 3 A a NN www-sonatype-com-3567 257 4 P p NN www-sonatype-com-3567 257 5 T t NN www-sonatype-com-3567 257 6 E e NN www-sonatype-com-3567 257 7 R r NN www-sonatype-com-3567 257 8 4 4 CD www-sonatype-com-3567 257 9 : : : www-sonatype-com-3567 257 10 H h NN www-sonatype-com-3567 257 11 O o NN www-sonatype-com-3567 257 12 W w NN www-sonatype-com-3567 257 13 H h NN www-sonatype-com-3567 257 14 IG ig NN www-sonatype-com-3567 257 15 H h NN www-sonatype-com-3567 257 16 P p NN www-sonatype-com-3567 257 17 E e NN www-sonatype-com-3567 257 18 R r NN www-sonatype-com-3567 257 19 F f NN www-sonatype-com-3567 257 20 O o NN www-sonatype-com-3567 257 21 R r NN www-sonatype-com-3567 257 22 M m NN www-sonatype-com-3567 257 23 A A NNP www-sonatype-com-3567 257 24 N n NN www-sonatype-com-3567 257 25 C c NN www-sonatype-com-3567 257 26 E e NN www-sonatype-com-3567 257 27 T t NN www-sonatype-com-3567 257 28 E e NN www-sonatype-com-3567 257 29 A a NN www-sonatype-com-3567 257 30 M m NN www-sonatype-com-3567 257 31 S s NN www-sonatype-com-3567 257 32 M M NNP www-sonatype-com-3567 257 33 A A NNP www-sonatype-com-3567 257 34 N N NNP www-sonatype-com-3567 257 35 A a NN www-sonatype-com-3567 257 36 G g NN www-sonatype-com-3567 257 37 E e NN www-sonatype-com-3567 257 38 O o NN www-sonatype-com-3567 257 39 P p NN www-sonatype-com-3567 257 40 E e NN www-sonatype-com-3567 257 41 N n NN www-sonatype-com-3567 257 42 S s NN www-sonatype-com-3567 257 43 O o 
NN www-sonatype-com-3567 257 44 U u NN www-sonatype-com-3567 257 45 R r NN www-sonatype-com-3567 257 46 C c NN www-sonatype-com-3567 257 47 E e NN www-sonatype-com-3567 257 48 S s NN www-sonatype-com-3567 257 49 O o NN www-sonatype-com-3567 257 50 F f NN www-sonatype-com-3567 257 51 T t NN www-sonatype-com-3567 257 52 W w NN www-sonatype-com-3567 257 53 A a NN www-sonatype-com-3567 257 54 R r NN www-sonatype-com-3567 257 55 E e NN www-sonatype-com-3567 257 56 S s NN www-sonatype-com-3567 257 57 U u NN www-sonatype-com-3567 257 58 P p NN www-sonatype-com-3567 257 59 P p NN www-sonatype-com-3567 257 60 LY ly NN www-sonatype-com-3567 257 61 C c NN www-sonatype-com-3567 257 62 H h NN www-sonatype-com-3567 257 63 A a NN www-sonatype-com-3567 257 64 IN in NN www-sonatype-com-3567 257 65 222020 222020 CD www-sonatype-com-3567 257 66 STATE STATE NNP www-sonatype-com-3567 257 67 OF of IN www-sonatype-com-3567 257 68 THE the DT www-sonatype-com-3567 257 69 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 257 70 SUPPLY supply NN www-sonatype-com-3567 257 71 CHAIN chain NN www-sonatype-com-3567 257 72 REPORT REPORT NNP www-sonatype-com-3567 257 73 Comparing compare VBG www-sonatype-com-3567 257 74 High High NNP www-sonatype-com-3567 257 75 Performers Performers NNPS www-sonatype-com-3567 257 76 vs. vs. 
IN www-sonatype-com-3567 257 77 Low Low NNP www-sonatype-com-3567 257 78 Performers performer NNS www-sonatype-com-3567 257 79 The the DT www-sonatype-com-3567 257 80 tables table NNS www-sonatype-com-3567 257 81 on on IN www-sonatype-com-3567 257 82 the the DT www-sonatype-com-3567 257 83 following follow VBG www-sonatype-com-3567 257 84 pages page NNS www-sonatype-com-3567 257 85 show show VBP www-sonatype-com-3567 257 86 how how WRB www-sonatype-com-3567 257 87 decisively decisively RB www-sonatype-com-3567 257 88 the the DT www-sonatype-com-3567 257 89 High High NNP www-sonatype-com-3567 257 90 Performers Performers NNPS www-sonatype-com-3567 257 91 outperform outperform NN www-sonatype-com-3567 257 92 the the DT www-sonatype-com-3567 257 93 low low JJ www-sonatype-com-3567 257 94 performers performer NNS www-sonatype-com-3567 257 95 in in IN www-sonatype-com-3567 257 96 software software NN www-sonatype-com-3567 257 97 delivery delivery NN www-sonatype-com-3567 257 98 and and CC www-sonatype-com-3567 257 99 security security NN www-sonatype-com-3567 257 100 — — : www-sonatype-com-3567 257 101   _SP www-sonatype-com-3567 257 102 they -PRON- PRP www-sonatype-com-3567 257 103 deploy deploy VBP www-sonatype-com-3567 257 104 more more RBR www-sonatype-com-3567 257 105 frequently frequently RB www-sonatype-com-3567 257 106 , , , www-sonatype-com-3567 257 107 they -PRON- PRP www-sonatype-com-3567 257 108 detect detect VBP www-sonatype-com-3567 257 109 and and CC www-sonatype-com-3567 257 110 remediate remediate VBP www-sonatype-com-3567 257 111 vulnerable vulnerable JJ www-sonatype-com-3567 257 112 OSS oss NN www-sonatype-com-3567 257 113 components component NNS www-sonatype-com-3567 257 114 more more RBR www-sonatype-com-3567 257 115 quickly quickly RB www-sonatype-com-3567 257 116 , , , www-sonatype-com-3567 257 117 onboard onboard NNP www-sonatype-com-3567 257 118 developers developer NNS www-sonatype-com-3567 257 119 onto onto IN www-sonatype-com-3567 257 120 
new new JJ www-sonatype-com-3567 257 121 teams team NNS www-sonatype-com-3567 257 122 more more RBR www-sonatype-com-3567 257 123 quickly quickly RB www-sonatype-com-3567 257 124 , , , www-sonatype-com-3567 257 125 and and CC www-sonatype-com-3567 257 126 approve approve VB www-sonatype-com-3567 257 127 new new JJ www-sonatype-com-3567 257 128 OSS OSS NNP www-sonatype-com-3567 257 129 components component NNS www-sonatype-com-3567 257 130 for for IN www-sonatype-com-3567 257 131 use use NN www-sonatype-com-3567 257 132 more more RBR www-sonatype-com-3567 257 133 quickly quickly RB www-sonatype-com-3567 257 134 . . . www-sonatype-com-3567 258 1 Furthermore furthermore RB www-sonatype-com-3567 258 2 , , , www-sonatype-com-3567 258 3 High high JJ www-sonatype-com-3567 258 4 Performers performer NNS www-sonatype-com-3567 258 5 are be VBP www-sonatype-com-3567 258 6 more more RBR www-sonatype-com-3567 258 7 confident confident JJ www-sonatype-com-3567 258 8 about about IN www-sonatype-com-3567 258 9 the the DT www-sonatype-com-3567 258 10 compliance compliance NN www-sonatype-com-3567 258 11 and and CC www-sonatype-com-3567 258 12 security security NN www-sonatype-com-3567 258 13 of of IN www-sonatype-com-3567 258 14 their -PRON- PRP$ www-sonatype-com-3567 258 15 OSS oss NN www-sonatype-com-3567 258 16 components component NNS www-sonatype-com-3567 258 17 , , , www-sonatype-com-3567 258 18 and and CC www-sonatype-com-3567 258 19 have have VBP www-sonatype-com-3567 258 20 fewer few JJR www-sonatype-com-3567 258 21 problems problem NNS www-sonatype-com-3567 258 22 updating update VBG www-sonatype-com-3567 258 23 their -PRON- PRP$ www-sonatype-com-3567 258 24 OSS oss NN www-sonatype-com-3567 258 25 components component NNS www-sonatype-com-3567 258 26 . . . 
www-sonatype-com-3567 259 1 Compared compare VBN www-sonatype-com-3567 259 2 to to IN www-sonatype-com-3567 259 3 Low Low NNP www-sonatype-com-3567 259 4 Performers Performers NNPS www-sonatype-com-3567 259 5 , , , www-sonatype-com-3567 259 6 High High NNP www-sonatype-com-3567 259 7 Performers performer NNS www-sonatype-com-3567 259 8 are be VBP www-sonatype-com-3567 259 9 . . . www-sonatype-com-3567 260 1 ⊲ ⊲ RBR www-sonatype-com-3567 260 2 4.9x 4.9x RB www-sonatype-com-3567 260 3 less less RBR www-sonatype-com-3567 260 4 likely likely JJ www-sonatype-com-3567 260 5 to to TO www-sonatype-com-3567 260 6 have have VB www-sonatype-com-3567 260 7 dependencies dependency NNS www-sonatype-com-3567 260 8 break break VB www-sonatype-com-3567 260 9 application application NN www-sonatype-com-3567 260 10 functionality functionality NN www-sonatype-com-3567 260 11 ⊲ ⊲ SYM www-sonatype-com-3567 260 12 3.8x 3.8x CD www-sonatype-com-3567 260 13 more more RBR www-sonatype-com-3567 260 14 likely likely JJ www-sonatype-com-3567 260 15 to to TO www-sonatype-com-3567 260 16 describe describe VB www-sonatype-com-3567 260 17 updating update VBG www-sonatype-com-3567 260 18 dependen- dependen- JJ www-sonatype-com-3567 260 19 cies cie NNS www-sonatype-com-3567 260 20 as as IN www-sonatype-com-3567 260 21 easy easy JJ www-sonatype-com-3567 260 22 ( ( -LRB- www-sonatype-com-3567 260 23 i.e. i.e. 
FW www-sonatype-com-3567 260 24 , , , www-sonatype-com-3567 260 25 not not RB www-sonatype-com-3567 260 26 painful painful JJ www-sonatype-com-3567 260 27 ) ) -RRB- www-sonatype-com-3567 260 28 ⊲ ⊲ CD www-sonatype-com-3567 260 29 33x 33x NNS www-sonatype-com-3567 260 30 more more RBR www-sonatype-com-3567 260 31 likely likely JJ www-sonatype-com-3567 260 32 to to TO www-sonatype-com-3567 260 33 be be VB www-sonatype-com-3567 260 34 confident confident JJ www-sonatype-com-3567 260 35 that that IN www-sonatype-com-3567 260 36 OSS oss NN www-sonatype-com-3567 260 37 depen- depen- NN www-sonatype-com-3567 260 38 dencies dencie NNS www-sonatype-com-3567 260 39 are be VBP www-sonatype-com-3567 260 40 secure secure JJ www-sonatype-com-3567 260 41 ( ( -LRB- www-sonatype-com-3567 260 42 i.e. i.e. FW www-sonatype-com-3567 260 43 , , , www-sonatype-com-3567 260 44 no no DT www-sonatype-com-3567 260 45 known known JJ www-sonatype-com-3567 260 46 vulnerabilities vulnerability NNS www-sonatype-com-3567 260 47 ) ) -RRB- www-sonatype-com-3567 260 48 ⊲ ⊲ NFP www-sonatype-com-3567 260 49 4.6x 4.6x NN www-sonatype-com-3567 260 50 more more RBR www-sonatype-com-3567 260 51 likely likely JJ www-sonatype-com-3567 260 52 to to TO www-sonatype-com-3567 260 53 be be VB www-sonatype-com-3567 260 54 confident confident JJ www-sonatype-com-3567 260 55 that that IN www-sonatype-com-3567 260 56 OSS OSS NNP www-sonatype-com-3567 260 57 licenses license NNS www-sonatype-com-3567 260 58 of of IN www-sonatype-com-3567 260 59 dependencies dependency NNS www-sonatype-com-3567 260 60 are be VBP www-sonatype-com-3567 260 61 compliant compliant JJ www-sonatype-com-3567 260 62 with with IN www-sonatype-com-3567 260 63 internal internal JJ www-sonatype-com-3567 260 64 requirements requirement NNS www-sonatype-com-3567 260 65 ⊲ ⊲ SYM www-sonatype-com-3567 260 66 2.1x 2.1x CD www-sonatype-com-3567 260 67 more more RBR www-sonatype-com-3567 260 68 likely likely JJ www-sonatype-com-3567 260 69 to to TO 
www-sonatype-com-3567 260 70 have have VB www-sonatype-com-3567 260 71 access access NN www-sonatype-com-3567 260 72 to to IN www-sonatype-com-3567 260 73 newer new JJR www-sonatype-com-3567 260 74 OSS OSS NNP www-sonatype-com-3567 260 75 component component NN www-sonatype-com-3567 260 76 versions version NNS www-sonatype-com-3567 260 77 where where WRB www-sonatype-com-3567 260 78 prior prior JJ www-sonatype-com-3567 260 79 defects defect NNS www-sonatype-com-3567 260 80 have have VBP www-sonatype-com-3567 260 81 been be VBN www-sonatype-com-3567 260 82 fixed fix VBN www-sonatype-com-3567 260 83 ⊲ ⊲ SYM www-sonatype-com-3567 260 84 1.5x 1.5x CD www-sonatype-com-3567 260 85 more more RBR www-sonatype-com-3567 260 86 likely likely JJ www-sonatype-com-3567 260 87 for for IN www-sonatype-com-3567 260 88 employees employee NNS www-sonatype-com-3567 260 89 to to TO www-sonatype-com-3567 260 90 recommend recommend VB www-sonatype-com-3567 260 91 their -PRON- PRP$ www-sonatype-com-3567 260 92 organizations organization NNS www-sonatype-com-3567 260 93 as as IN www-sonatype-com-3567 260 94 a a DT www-sonatype-com-3567 260 95 great great JJ www-sonatype-com-3567 260 96 place place NN www-sonatype-com-3567 260 97 to to TO www-sonatype-com-3567 260 98 work work VB www-sonatype-com-3567 260 99 Comparing compare VBG www-sonatype-com-3567 260 100 High High NNP www-sonatype-com-3567 260 101 Performers Performers NNPS www-sonatype-com-3567 260 102 vs. vs. 
IN www-sonatype-com-3567 260 103 Security Security NNP www-sonatype-com-3567 260 104 First first RB www-sonatype-com-3567 260 105 Many many JJ www-sonatype-com-3567 260 106 have have VBP www-sonatype-com-3567 260 107 argued argue VBN www-sonatype-com-3567 260 108 that that IN www-sonatype-com-3567 260 109 effective effective JJ www-sonatype-com-3567 260 110 risk risk NN www-sonatype-com-3567 260 111 management management NN www-sonatype-com-3567 260 112 practices practice NNS www-sonatype-com-3567 260 113 are be VBP www-sonatype-com-3567 260 114 always always RB www-sonatype-com-3567 260 115 at at IN www-sonatype-com-3567 260 116 the the DT www-sonatype-com-3567 260 117 expense expense NN www-sonatype-com-3567 260 118 of of IN www-sonatype-com-3567 260 119 developer developer NN www-sonatype-com-3567 260 120 productivity productivity NN www-sonatype-com-3567 260 121 , , , www-sonatype-com-3567 260 122 ( ( -LRB- www-sonatype-com-3567 260 123 i.e. i.e. FW www-sonatype-com-3567 260 124 , , , www-sonatype-com-3567 260 125 “ " `` www-sonatype-com-3567 260 126 better well JJR www-sonatype-com-3567 260 127 security security NN www-sonatype-com-3567 260 128 slows slow VBZ www-sonatype-com-3567 260 129 down down IN www-sonatype-com-3567 260 130 development development NN www-sonatype-com-3567 260 131 ” " '' www-sonatype-com-3567 260 132 ) ) -RRB- www-sonatype-com-3567 260 133 . . . 
www-sonatype-com-3567 261 1 We -PRON- PRP www-sonatype-com-3567 261 2 can can MD www-sonatype-com-3567 261 3 see see VB www-sonatype-com-3567 261 4 these these DT www-sonatype-com-3567 261 5 outcomes outcome NNS www-sonatype-com-3567 261 6 in in IN www-sonatype-com-3567 261 7 FIGURE FIGURE NNP www-sonatype-com-3567 261 8 4C 4c NN www-sonatype-com-3567 261 9 the the DT www-sonatype-com-3567 261 10 Security Security NNP www-sonatype-com-3567 261 11 - - HYPH www-sonatype-com-3567 261 12 First First NNP www-sonatype-com-3567 261 13 cluster cluster NN www-sonatype-com-3567 261 14 ( ( -LRB- www-sonatype-com-3567 261 15 green green JJ www-sonatype-com-3567 261 16 , , , www-sonatype-com-3567 261 17 upper upper JJ www-sonatype-com-3567 261 18 left left NN www-sonatype-com-3567 261 19 ) ) -RRB- www-sonatype-com-3567 261 20 that that WDT www-sonatype-com-3567 261 21 seemed seem VBD www-sonatype-com-3567 261 22 to to TO www-sonatype-com-3567 261 23 be be VB www-sonatype-com-3567 261 24 achieving achieve VBG www-sonatype-com-3567 261 25 good good JJ www-sonatype-com-3567 261 26 security security NN www-sonatype-com-3567 261 27 outcomes outcome NNS www-sonatype-com-3567 261 28 in in IN www-sonatype-com-3567 261 29 a a DT www-sonatype-com-3567 261 30 way way NN www-sonatype-com-3567 261 31 that that WDT www-sonatype-com-3567 261 32 impeded impede VBD www-sonatype-com-3567 261 33 developer developer NN www-sonatype-com-3567 261 34 productivity productivity NN www-sonatype-com-3567 261 35 . . . 
www-sonatype-com-3567 262 1 By by IN www-sonatype-com-3567 262 2 comparison comparison NN www-sonatype-com-3567 262 3 , , , www-sonatype-com-3567 262 4 the the DT www-sonatype-com-3567 262 5 High High NNP www-sonatype-com-3567 262 6 Performer Performer NNP www-sonatype-com-3567 262 7 cluster cluster NN www-sonatype-com-3567 262 8 shows show VBZ www-sonatype-com-3567 262 9 high high JJ www-sonatype-com-3567 262 10 productivity productivity NN www-sonatype-com-3567 262 11 and and CC www-sonatype-com-3567 262 12 superior superior JJ www-sonatype-com-3567 262 13 risk risk NN www-sonatype-com-3567 262 14 management management NN www-sonatype-com-3567 262 15 outcomes outcome NNS www-sonatype-com-3567 262 16 can can MD www-sonatype-com-3567 262 17 be be VB www-sonatype-com-3567 262 18 achieved achieve VBN www-sonatype-com-3567 262 19 simultaneously simultaneously RB www-sonatype-com-3567 262 20 . . . www-sonatype-com-3567 263 1 To to TO www-sonatype-com-3567 263 2 better well RBR www-sonatype-com-3567 263 3 understand understand VB www-sonatype-com-3567 263 4 these these DT www-sonatype-com-3567 263 5 differences difference NNS www-sonatype-com-3567 263 6 , , , www-sonatype-com-3567 263 7 we -PRON- PRP www-sonatype-com-3567 263 8 exam- exam- VBD www-sonatype-com-3567 263 9 ined ine VBD www-sonatype-com-3567 263 10 what what WDT www-sonatype-com-3567 263 11 practices practice NNS www-sonatype-com-3567 263 12 separate separate VBP www-sonatype-com-3567 263 13 the the DT www-sonatype-com-3567 263 14 High High NNP www-sonatype-com-3567 263 15 Performers Performers NNPS www-sonatype-com-3567 263 16 from from IN www-sonatype-com-3567 263 17 this this DT www-sonatype-com-3567 263 18 Security Security NNP www-sonatype-com-3567 263 19 - - HYPH www-sonatype-com-3567 263 20 First First NNP www-sonatype-com-3567 263 21 cluster cluster NN www-sonatype-com-3567 263 22 . . . 
www-sonatype-com-3567 264 1 It -PRON- PRP www-sonatype-com-3567 264 2 turns turn VBZ www-sonatype-com-3567 264 3 out out RP www-sonatype-com-3567 264 4 that that IN www-sonatype-com-3567 264 5 High High NNP www-sonatype-com-3567 264 6 Performers Performers NNPS www-sonatype-com-3567 264 7 tend tend VBP www-sonatype-com-3567 264 8 to to TO www-sonatype-com-3567 264 9 have have VB www-sonatype-com-3567 264 10 a a DT www-sonatype-com-3567 264 11 governance governance NN www-sonatype-com-3567 264 12 structure structure NN www-sonatype-com-3567 264 13 that that WDT www-sonatype-com-3567 264 14 relies rely VBZ www-sonatype-com-3567 264 15 much much RB www-sonatype-com-3567 264 16 more more RBR www-sonatype-com-3567 264 17 heavily heavily RB www-sonatype-com-3567 264 18 on on IN www-sonatype-com-3567 264 19 automated automate VBN www-sonatype-com-3567 264 20 tooling tooling NN www-sonatype-com-3567 264 21 . . . www-sonatype-com-3567 265 1 Compared compare VBN www-sonatype-com-3567 265 2 to to IN www-sonatype-com-3567 265 3 the the DT www-sonatype-com-3567 265 4 Security Security NNP www-sonatype-com-3567 265 5 - - HYPH www-sonatype-com-3567 265 6 First First NNP www-sonatype-com-3567 265 7 group group NN www-sonatype-com-3567 265 8 , , , www-sonatype-com-3567 265 9 the the DT www-sonatype-com-3567 265 10 High High NNP www-sonatype-com-3567 265 11 Performers Performers NNPS www-sonatype-com-3567 265 12 were be VBD www-sonatype-com-3567 265 13 : : : www-sonatype-com-3567 265 14 ⊲ ⊲ NFP www-sonatype-com-3567 265 15 77 77 CD www-sonatype-com-3567 265 16 % % NN www-sonatype-com-3567 265 17 more more RBR www-sonatype-com-3567 265 18 likely likely JJ www-sonatype-com-3567 265 19 to to TO www-sonatype-com-3567 265 20 automate automate VB www-sonatype-com-3567 265 21 approval approval NN www-sonatype-com-3567 265 22 , , , www-sonatype-com-3567 265 23 manage- manage- NNP www-sonatype-com-3567 265 24 ment ment JJ www-sonatype-com-3567 265 25 , , , www-sonatype-com-3567 265 26 and 
and CC www-sonatype-com-3567 265 27 analysis analysis NN www-sonatype-com-3567 265 28 of of IN www-sonatype-com-3567 265 29 dependencies dependency NNS www-sonatype-com-3567 265 30 ⊲ ⊲ SYM www-sonatype-com-3567 265 31 59 59 CD www-sonatype-com-3567 265 32 % % NN www-sonatype-com-3567 265 33 more more RBR www-sonatype-com-3567 265 34 likely likely JJ www-sonatype-com-3567 265 35 to to TO www-sonatype-com-3567 265 36 be be VB www-sonatype-com-3567 265 37 using use VBG www-sonatype-com-3567 265 38 software software NN www-sonatype-com-3567 265 39 composition composition NN www-sonatype-com-3567 265 40 analysis analysis NN www-sonatype-com-3567 265 41 ( ( -LRB- www-sonatype-com-3567 265 42 SCA SCA NNP www-sonatype-com-3567 265 43 ) ) -RRB- www-sonatype-com-3567 265 44 tools tool NNS www-sonatype-com-3567 265 45 ⊲ ⊲ SYM www-sonatype-com-3567 265 46 28 28 CD www-sonatype-com-3567 265 47 % % NN www-sonatype-com-3567 265 48 more more RBR www-sonatype-com-3567 265 49 likely likely JJ www-sonatype-com-3567 265 50 to to TO www-sonatype-com-3567 265 51 enforce enforce VB www-sonatype-com-3567 265 52 governance governance NN www-sonatype-com-3567 265 53 policies policy NNS www-sonatype-com-3567 265 54 in in IN www-sonatype-com-3567 265 55 Continuous Continuous NNP www-sonatype-com-3567 265 56 Integration Integration NNP www-sonatype-com-3567 265 57 ( ( -LRB- www-sonatype-com-3567 265 58 CI CI NNP www-sonatype-com-3567 265 59 ) ) -RRB- www-sonatype-com-3567 265 60 ⊲ ⊲ NFP www-sonatype-com-3567 265 61 56 56 CD www-sonatype-com-3567 265 62 % % NN www-sonatype-com-3567 265 63 more more RBR www-sonatype-com-3567 265 64 likely likely JJ www-sonatype-com-3567 265 65 to to TO www-sonatype-com-3567 265 66 have have VB www-sonatype-com-3567 265 67 centrally centrally RB www-sonatype-com-3567 265 68 - - HYPH www-sonatype-com-3567 265 69 managed manage VBN www-sonatype-com-3567 265 70 CI CI NNP www-sonatype-com-3567 265 71 infrastructure infrastructure NN www-sonatype-com-3567 265 72 ⊲ ⊲ 
CD www-sonatype-com-3567 265 73 51 51 CD www-sonatype-com-3567 265 74 % % NN www-sonatype-com-3567 265 75 more more RBR www-sonatype-com-3567 265 76 likely likely JJ www-sonatype-com-3567 265 77 to to TO www-sonatype-com-3567 265 78 maintain maintain VB www-sonatype-com-3567 265 79 a a DT www-sonatype-com-3567 265 80 centralized centralized JJ www-sonatype-com-3567 265 81 record record NN www-sonatype-com-3567 265 82 of of IN www-sonatype-com-3567 265 83 all all DT www-sonatype-com-3567 265 84 deployed deploy VBN www-sonatype-com-3567 265 85 artifacts artifact NNS www-sonatype-com-3567 265 86 , , , www-sonatype-com-3567 265 87 supporting support VBG www-sonatype-com-3567 265 88 the the DT www-sonatype-com-3567 265 89 collection collection NN www-sonatype-com-3567 265 90 of of IN www-sonatype-com-3567 265 91 a a DT www-sonatype-com-3567 265 92 Software Software NNP www-sonatype-com-3567 265 93 Bill Bill NNP www-sonatype-com-3567 265 94 of of IN www-sonatype-com-3567 265 95 Materials Materials NNP www-sonatype-com-3567 265 96 ( ( -LRB- www-sonatype-com-3567 265 97 SBOM SBOM NNP www-sonatype-com-3567 265 98 ) ) -RRB- www-sonatype-com-3567 265 99 for for IN www-sonatype-com-3567 265 100 each each DT www-sonatype-com-3567 265 101 application application NN www-sonatype-com-3567 265 102 ⊲ ⊲ SYM www-sonatype-com-3567 265 103 96 96 CD www-sonatype-com-3567 265 104 % % NN www-sonatype-com-3567 265 105 more more RBR www-sonatype-com-3567 265 106 likely likely JJ www-sonatype-com-3567 265 107 to to TO www-sonatype-com-3567 265 108 be be VB www-sonatype-com-3567 265 109 able able JJ www-sonatype-com-3567 265 110 to to TO www-sonatype-com-3567 265 111 centrally centrally RB www-sonatype-com-3567 265 112 scan scan VB www-sonatype-com-3567 265 113 all all DT www-sonatype-com-3567 265 114 deployed deploy VBN www-sonatype-com-3567 265 115 artifacts artifact NNS www-sonatype-com-3567 265 116 for for IN www-sonatype-com-3567 265 117 security security NN www-sonatype-com-3567 265 118 
and and CC www-sonatype-com-3567 265 119 license license NN www-sonatype-com-3567 265 120 compliance compliance NN www-sonatype-com-3567 265 121 . . . www-sonatype-com-3567 266 1 Comparing compare VBG www-sonatype-com-3567 266 2 High high JJ www-sonatype-com-3567 266 3 Performers performer NNS www-sonatype-com-3567 266 4 against against IN www-sonatype-com-3567 266 5 Low Low NNP www-sonatype-com-3567 266 6 Performers Performers NNPS www-sonatype-com-3567 266 7 : : : www-sonatype-com-3567 266 8 more more RBR www-sonatype-com-3567 266 9 frequent frequent JJ www-sonatype-com-3567 266 10 deployments deployment NNS www-sonatype-com-3567 266 11 15x 15x NNS www-sonatype-com-3567 266 12 26x 26x CD www-sonatype-com-3567 266 13 26x26x 26x26x CD www-sonatype-com-3567 266 14 5.7x 5.7x JJ www-sonatype-com-3567 266 15 less less JJR www-sonatype-com-3567 266 16 time time NN www-sonatype-com-3567 266 17 required require VBN www-sonatype-com-3567 266 18 for for IN www-sonatype-com-3567 266 19 developers developer NNS www-sonatype-com-3567 266 20 to to TO www-sonatype-com-3567 266 21 be be VB www-sonatype-com-3567 266 22 productive productive JJ www-sonatype-com-3567 266 23 when when WRB www-sonatype-com-3567 266 24 SWITCHING switching NN www-sonatype-com-3567 266 25 teams team NNS www-sonatype-com-3567 266 26 faster fast RBR www-sonatype-com-3567 266 27 DETECTION detection NN www-sonatype-com-3567 266 28 of of IN www-sonatype-com-3567 266 29 vulnerable vulnerable JJ www-sonatype-com-3567 266 30 OSS oss NN www-sonatype-com-3567 266 31 components component NNS www-sonatype-com-3567 266 32 less less JJR www-sonatype-com-3567 266 33 time time NN www-sonatype-com-3567 266 34 to to TO www-sonatype-com-3567 266 35 APPROVE approve VB www-sonatype-com-3567 266 36 a a DT www-sonatype-com-3567 266 37 new new JJ www-sonatype-com-3567 266 38 OSS oss NN www-sonatype-com-3567 266 39 dependency dependency NN www-sonatype-com-3567 266 40 for for IN www-sonatype-com-3567 266 41 use use NN 
www-sonatype-com-3567 266 42 faster fast JJR www-sonatype-com-3567 266 43 REMEDIATION remediation NN www-sonatype-com-3567 266 44 of of IN www-sonatype-com-3567 266 45 vulnerable vulnerable JJ www-sonatype-com-3567 266 46 OSS oss NN www-sonatype-com-3567 266 47 components component NNS www-sonatype-com-3567 266 48 C c NN www-sonatype-com-3567 266 49 H h NN www-sonatype-com-3567 266 50 A a NN www-sonatype-com-3567 266 51 P p NN www-sonatype-com-3567 266 52 T t NN www-sonatype-com-3567 266 53 E e NN www-sonatype-com-3567 266 54 R r NN www-sonatype-com-3567 266 55 4 4 CD www-sonatype-com-3567 266 56 : : : www-sonatype-com-3567 266 57 H h NN www-sonatype-com-3567 266 58 O o NN www-sonatype-com-3567 266 59 W w NN www-sonatype-com-3567 266 60 H h NN www-sonatype-com-3567 266 61 IG ig NN www-sonatype-com-3567 266 62 H h NN www-sonatype-com-3567 266 63 P p NN www-sonatype-com-3567 266 64 E e NN www-sonatype-com-3567 266 65 R r NN www-sonatype-com-3567 266 66 F f NN www-sonatype-com-3567 266 67 O o NN www-sonatype-com-3567 266 68 R r NN www-sonatype-com-3567 266 69 M m NN www-sonatype-com-3567 266 70 A A NNP www-sonatype-com-3567 266 71 N n NN www-sonatype-com-3567 266 72 C c NN www-sonatype-com-3567 266 73 E e NN www-sonatype-com-3567 266 74 T t NN www-sonatype-com-3567 266 75 E e NN www-sonatype-com-3567 266 76 A a NN www-sonatype-com-3567 266 77 M m NN www-sonatype-com-3567 266 78 S s NN www-sonatype-com-3567 266 79 M M NNP www-sonatype-com-3567 266 80 A A NNP www-sonatype-com-3567 266 81 N N NNP www-sonatype-com-3567 266 82 A a NN www-sonatype-com-3567 266 83 G g NN www-sonatype-com-3567 266 84 E e NN www-sonatype-com-3567 266 85 O o NN www-sonatype-com-3567 266 86 P p NN www-sonatype-com-3567 266 87 E e NN www-sonatype-com-3567 266 88 N n NN www-sonatype-com-3567 266 89 S s NN www-sonatype-com-3567 266 90 O o NN www-sonatype-com-3567 266 91 U u NN www-sonatype-com-3567 266 92 R r NN www-sonatype-com-3567 266 93 C c NN www-sonatype-com-3567 266 94 E e NN 
www-sonatype-com-3567 266 95 S s NN www-sonatype-com-3567 266 96 O o NN www-sonatype-com-3567 266 97 F f NN www-sonatype-com-3567 266 98 T t NN www-sonatype-com-3567 266 99 W w NN www-sonatype-com-3567 266 100 A a NN www-sonatype-com-3567 266 101 R r NN www-sonatype-com-3567 266 102 E e NN www-sonatype-com-3567 266 103 S s NN www-sonatype-com-3567 266 104 U u NN www-sonatype-com-3567 266 105 P p NN www-sonatype-com-3567 266 106 P p NN www-sonatype-com-3567 266 107 LY ly NN www-sonatype-com-3567 266 108 C c NN www-sonatype-com-3567 266 109 H h NN www-sonatype-com-3567 266 110 A a NN www-sonatype-com-3567 266 111 IN in NN www-sonatype-com-3567 266 112 232020 232020 CD www-sonatype-com-3567 266 113 STATE STATE NNP www-sonatype-com-3567 266 114 OF of IN www-sonatype-com-3567 266 115 THE the DT www-sonatype-com-3567 266 116 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 266 117 SUPPLY supply NN www-sonatype-com-3567 266 118 CHAIN chain NN www-sonatype-com-3567 266 119 REPORT REPORT NNP www-sonatype-com-3567 266 120 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 266 121 RISK risk NN www-sonatype-com-3567 266 122 MANAGEMENT MANAGEMENT NNP www-sonatype-com-3567 266 123 OUTCOMES outcomes RB www-sonatype-com-3567 266 124 : : : www-sonatype-com-3567 266 125 Mean mean JJ www-sonatype-com-3567 266 126 Time time NN www-sonatype-com-3567 266 127 to to IN www-sonatype-com-3567 266 128 Detect detect VB www-sonatype-com-3567 266 129 Vulnerabilities vulnerability NNS www-sonatype-com-3567 266 130 ( ( -LRB- www-sonatype-com-3567 266 131 MTTD MTTD NNP www-sonatype-com-3567 266 132 ) ) -RRB- www-sonatype-com-3567 266 133 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 266 134 RESULT RESULT NNP www-sonatype-com-3567 266 135 ( ( -LRB- www-sonatype-com-3567 266 136 R2 R2 NNP www-sonatype-com-3567 266 137 = = SYM www-sonatype-com-3567 266 138 0.37 0.37 CD www-sonatype-com-3567 266 139 ) ) -RRB- www-sonatype-com-3567 266 140 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 266 141 Practices 
Practices NNPS www-sonatype-com-3567 266 142 associated associate VBD www-sonatype-com-3567 266 143 with with IN www-sonatype-com-3567 266 144 fast fast JJ www-sonatype-com-3567 266 145 MTTD MTTD NNP www-sonatype-com-3567 266 146 would would MD www-sonatype-com-3567 266 147 involve involve VB www-sonatype-com-3567 266 148 monitoring monitoring NN www-sonatype-com-3567 266 149 and and CC www-sonatype-com-3567 266 150 tooling tooling NN www-sonatype-com-3567 266 151 ( ( -LRB- www-sonatype-com-3567 266 152 given give VBN www-sonatype-com-3567 266 153 the the DT www-sonatype-com-3567 266 154 high high JJ www-sonatype-com-3567 266 155 frequency frequency NN www-sonatype-com-3567 266 156 of of IN www-sonatype-com-3567 266 157 new new JJ www-sonatype-com-3567 266 158 vulnerabilities vulnerability NNS www-sonatype-com-3567 266 159 and and CC www-sonatype-com-3567 266 160 large large JJ www-sonatype-com-3567 266 161 number number NN www-sonatype-com-3567 266 162 of of IN www-sonatype-com-3567 266 163 dependencies dependency NNS www-sonatype-com-3567 266 164 on on IN www-sonatype-com-3567 266 165 OSS OSS NNP www-sonatype-com-3567 266 166 components component NNS www-sonatype-com-3567 266 167 ) ) -RRB- www-sonatype-com-3567 266 168 that that WDT www-sonatype-com-3567 266 169 would would MD www-sonatype-com-3567 266 170 be be VB www-sonatype-com-3567 266 171 integrated integrate VBN www-sonatype-com-3567 266 172 into into IN www-sonatype-com-3567 266 173 CI CI NNP www-sonatype-com-3567 266 174 processes process NNS www-sonatype-com-3567 266 175 . . . www-sonatype-com-3567 267 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 267 2 . . . 
www-sonatype-com-3567 268 1 Listed list VBN www-sonatype-com-3567 268 2 below below RB www-sonatype-com-3567 268 3 are be VBP www-sonatype-com-3567 268 4 the the DT www-sonatype-com-3567 268 5 top top JJ www-sonatype-com-3567 268 6 factors factor NNS www-sonatype-com-3567 268 7 associated associate VBN www-sonatype-com-3567 268 8 with with IN www-sonatype-com-3567 268 9 fast fast JJ www-sonatype-com-3567 268 10 MTTD MTTD NNP www-sonatype-com-3567 268 11 . . . www-sonatype-com-3567 269 1 ⊲ ⊲ NFP www-sonatype-com-3567 269 2 Scheduling Scheduling NNP www-sonatype-com-3567 269 3 updating update VBG www-sonatype-com-3567 269 4 open open JJ www-sonatype-com-3567 269 5 source source NN www-sonatype-com-3567 269 6 dependencies dependency NNS www-sonatype-com-3567 269 7 as as IN www-sonatype-com-3567 269 8 part part NN www-sonatype-com-3567 269 9 of of IN www-sonatype-com-3567 269 10 our -PRON- PRP$ www-sonatype-com-3567 269 11 daily daily JJ www-sonatype-com-3567 269 12 work work NN www-sonatype-com-3567 269 13 ⊲ ⊲ CD www-sonatype-com-3567 269 14 Remediation remediation NN www-sonatype-com-3567 269 15 of of IN www-sonatype-com-3567 269 16 security security NN www-sonatype-com-3567 269 17 issues issue NNS www-sonatype-com-3567 269 18 is be VBZ www-sonatype-com-3567 269 19 addressed address VBN www-sonatype-com-3567 269 20 as as IN www-sonatype-com-3567 269 21 a a DT www-sonatype-com-3567 269 22 regular regular JJ www-sonatype-com-3567 269 23 part part NN www-sonatype-com-3567 269 24 of of IN www-sonatype-com-3567 269 25 development development NN www-sonatype-com-3567 269 26 work work NN www-sonatype-com-3567 269 27 ( ( -LRB- www-sonatype-com-3567 269 28 i.e. i.e. 
FW www-sonatype-com-3567 269 29 , , , www-sonatype-com-3567 269 30 security security NN www-sonatype-com-3567 269 31 issues issue NNS www-sonatype-com-3567 269 32 treated treat VBD www-sonatype-com-3567 269 33 as as IN www-sonatype-com-3567 269 34 normal normal JJ www-sonatype-com-3567 269 35 defects defect NNS www-sonatype-com-3567 269 36 ) ) -RRB- www-sonatype-com-3567 269 37 . . . www-sonatype-com-3567 270 1 ⊲ ⊲ NFP www-sonatype-com-3567 270 2 Open open JJ www-sonatype-com-3567 270 3 source source NN www-sonatype-com-3567 270 4 component component NN www-sonatype-com-3567 270 5 governance governance NN www-sonatype-com-3567 270 6 ( ( -LRB- www-sonatype-com-3567 270 7 e.g. e.g. RB www-sonatype-com-3567 270 8 , , , www-sonatype-com-3567 270 9 security security NN www-sonatype-com-3567 270 10 , , , www-sonatype-com-3567 270 11 licensing licensing NN www-sonatype-com-3567 270 12 ) ) -RRB- www-sonatype-com-3567 270 13 is be VBZ www-sonatype-com-3567 270 14 enforced enforce VBN www-sonatype-com-3567 270 15 through through IN www-sonatype-com-3567 270 16 CI CI NNP www-sonatype-com-3567 270 17 infrastructure infrastructure NN www-sonatype-com-3567 270 18 . . . 
www-sonatype-com-3567 271 1 ⊲ ⊲ NFP www-sonatype-com-3567 271 2 One one CD www-sonatype-com-3567 271 3 of of IN www-sonatype-com-3567 271 4 the the DT www-sonatype-com-3567 271 5 unexpected unexpected JJ www-sonatype-com-3567 271 6 and and CC www-sonatype-com-3567 271 7 interesting interesting JJ www-sonatype-com-3567 271 8 factors factor NNS www-sonatype-com-3567 271 9 that that WDT www-sonatype-com-3567 271 10 appeared appear VBD www-sonatype-com-3567 271 11 in in IN www-sonatype-com-3567 271 12 the the DT www-sonatype-com-3567 271 13 survey survey NN www-sonatype-com-3567 271 14 results result NNS www-sonatype-com-3567 271 15 was be VBD www-sonatype-com-3567 271 16 the the DT www-sonatype-com-3567 271 17 degree degree NN www-sonatype-com-3567 271 18 to to TO www-sonatype-com-3567 271 19 which which WDT www-sonatype-com-3567 271 20 OSS OSS NNP www-sonatype-com-3567 271 21 is be VBZ www-sonatype-com-3567 271 22 supported support VBN www-sonatype-com-3567 271 23 within within IN www-sonatype-com-3567 271 24 the the DT www-sonatype-com-3567 271 25 organization organization NN www-sonatype-com-3567 271 26 , , , www-sonatype-com-3567 271 27 which which WDT www-sonatype-com-3567 271 28 we -PRON- PRP www-sonatype-com-3567 271 29 called call VBD www-sonatype-com-3567 271 30 “ " `` www-sonatype-com-3567 271 31 OSS OSS NNP www-sonatype-com-3567 271 32 Enlightenment Enlightenment NNP www-sonatype-com-3567 271 33 . . . 
www-sonatype-com-3567 271 34 ” " '' www-sonatype-com-3567 271 35 We -PRON- PRP www-sonatype-com-3567 271 36 speculate speculate VBP www-sonatype-com-3567 271 37 that that IN www-sonatype-com-3567 271 38 being be VBG www-sonatype-com-3567 271 39 involved involve VBN www-sonatype-com-3567 271 40 in in IN www-sonatype-com-3567 271 41 the the DT www-sonatype-com-3567 271 42 OSS OSS NNP www-sonatype-com-3567 271 43 community community NN www-sonatype-com-3567 271 44 causes cause VBZ www-sonatype-com-3567 271 45 engineers engineer NNS www-sonatype-com-3567 271 46 to to TO www-sonatype-com-3567 271 47 be be VB www-sonatype-com-3567 271 48 more more RBR www-sonatype-com-3567 271 49 aware aware JJ www-sonatype-com-3567 271 50 of of IN www-sonatype-com-3567 271 51 important important JJ www-sonatype-com-3567 271 52 vul- vul- NN www-sonatype-com-3567 271 53 nerability nerability NN www-sonatype-com-3567 271 54 disclosures disclosure NNS www-sonatype-com-3567 271 55 ( ( -LRB- www-sonatype-com-3567 271 56 i.e. i.e. 
FW www-sonatype-com-3567 271 57 , , , www-sonatype-com-3567 271 58 a a DT www-sonatype-com-3567 271 59 developer developer NN www-sonatype-com-3567 271 60 who who WP www-sonatype-com-3567 271 61 is be VBZ www-sonatype-com-3567 271 62 active active JJ www-sonatype-com-3567 271 63 in in IN www-sonatype-com-3567 271 64 the the DT www-sonatype-com-3567 271 65 Java Java NNP www-sonatype-com-3567 271 66 community community NN www-sonatype-com-3567 271 67 will will MD www-sonatype-com-3567 271 68 be be VB www-sonatype-com-3567 271 69 more more RBR www-sonatype-com-3567 271 70 likely likely JJ www-sonatype-com-3567 271 71 to to TO www-sonatype-com-3567 271 72 hear hear VB www-sonatype-com-3567 271 73 about about IN www-sonatype-com-3567 271 74 important important JJ www-sonatype-com-3567 271 75 vulnerabilities vulnerability NNS www-sonatype-com-3567 271 76 , , , www-sonatype-com-3567 271 77 and and CC www-sonatype-com-3567 271 78 what what WP www-sonatype-com-3567 271 79 actions action NNS www-sonatype-com-3567 271 80 are be VBP www-sonatype-com-3567 271 81 being be VBG www-sonatype-com-3567 271 82 taken take VBN www-sonatype-com-3567 271 83 to to TO www-sonatype-com-3567 271 84 address address VB www-sonatype-com-3567 271 85 them -PRON- PRP www-sonatype-com-3567 271 86 . . . 
www-sonatype-com-3567 271 87 ) ) -RRB- www-sonatype-com-3567 272 1 We -PRON- PRP www-sonatype-com-3567 272 2 measured measure VBD www-sonatype-com-3567 272 3 this this DT www-sonatype-com-3567 272 4 by by IN www-sonatype-com-3567 272 5 asking ask VBG www-sonatype-com-3567 272 6 the the DT www-sonatype-com-3567 272 7 following follow VBG www-sonatype-com-3567 272 8 : : : www-sonatype-com-3567 272 9 ɡ ɡ NN www-sonatype-com-3567 272 10 For for IN www-sonatype-com-3567 272 11 company company NN www-sonatype-com-3567 272 12 - - HYPH www-sonatype-com-3567 272 13 sponsored sponsor VBN www-sonatype-com-3567 272 14 OSS oss NN www-sonatype-com-3567 272 15 projects project NNS www-sonatype-com-3567 272 16 , , , www-sonatype-com-3567 272 17 to to IN www-sonatype-com-3567 272 18 what what WDT www-sonatype-com-3567 272 19 degree degree NN www-sonatype-com-3567 272 20 are be VBP www-sonatype-com-3567 272 21 external external JJ www-sonatype-com-3567 272 22 contributions contribution NNS www-sonatype-com-3567 272 23 allowed allow VBN www-sonatype-com-3567 272 24 ? ? . 
www-sonatype-com-3567 273 1 ɡ ɡ LS www-sonatype-com-3567 273 2 To to IN www-sonatype-com-3567 273 3 what what WDT www-sonatype-com-3567 273 4 degree degree NN www-sonatype-com-3567 273 5 does do VBZ www-sonatype-com-3567 273 6 your -PRON- PRP$ www-sonatype-com-3567 273 7 organization organization NN www-sonatype-com-3567 273 8 require require VB www-sonatype-com-3567 273 9 that that IN www-sonatype-com-3567 273 10 all all DT www-sonatype-com-3567 273 11 internal internal JJ www-sonatype-com-3567 273 12 modifi- modifi- NN www-sonatype-com-3567 273 13 cations cation NNS www-sonatype-com-3567 273 14 to to TO www-sonatype-com-3567 273 15 open open VB www-sonatype-com-3567 273 16 source source NN www-sonatype-com-3567 273 17 components component NNS www-sonatype-com-3567 273 18 be be VB www-sonatype-com-3567 273 19 contributed contribute VBN www-sonatype-com-3567 273 20 back back RB www-sonatype-com-3567 273 21 ( ( -LRB- www-sonatype-com-3567 273 22 i.e. i.e. FW www-sonatype-com-3567 273 23 , , , www-sonatype-com-3567 273 24 “ " `` www-sonatype-com-3567 273 25 pushed push VBD www-sonatype-com-3567 273 26 upstream upstream NNP www-sonatype-com-3567 273 27 ” " '' www-sonatype-com-3567 273 28 ) ) -RRB- www-sonatype-com-3567 273 29 ? ? . 
www-sonatype-com-3567 274 1 ɡ ɡ LS www-sonatype-com-3567 274 2 To to IN www-sonatype-com-3567 274 3 what what WDT www-sonatype-com-3567 274 4 degree degree NN www-sonatype-com-3567 274 5 does do VBZ www-sonatype-com-3567 274 6 your -PRON- PRP$ www-sonatype-com-3567 274 7 leadership leadership NN www-sonatype-com-3567 274 8 support support NN www-sonatype-com-3567 274 9 contributing contribute VBG www-sonatype-com-3567 274 10 back back RB www-sonatype-com-3567 274 11 to to IN www-sonatype-com-3567 274 12 open open JJ www-sonatype-com-3567 274 13 source source NN www-sonatype-com-3567 274 14 components component NNS www-sonatype-com-3567 274 15 we -PRON- PRP www-sonatype-com-3567 274 16 use use VBP www-sonatype-com-3567 274 17 ( ( -LRB- www-sonatype-com-3567 274 18 e.g. e.g. RB www-sonatype-com-3567 274 19 , , , www-sonatype-com-3567 274 20 engineering engineering NN www-sonatype-com-3567 274 21 time time NN www-sonatype-com-3567 274 22 , , , www-sonatype-com-3567 274 23 budget budget NN www-sonatype-com-3567 274 24 , , , www-sonatype-com-3567 274 25 conferences conference NNS www-sonatype-com-3567 274 26 ) ) -RRB- www-sonatype-com-3567 274 27 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 274 28 RISK RISK NNP www-sonatype-com-3567 274 29 MANAGEMENT MANAGEMENT NNP www-sonatype-com-3567 274 30 OUTCOMES outcomes RB www-sonatype-com-3567 274 31 : : : www-sonatype-com-3567 274 32 Mean Mean NNP www-sonatype-com-3567 274 33 Time Time NNP www-sonatype-com-3567 274 34 to to IN www-sonatype-com-3567 274 35 Remediate Remediate NNP www-sonatype-com-3567 274 36 ( ( -LRB- www-sonatype-com-3567 274 37 MTTR MTTR NNP www-sonatype-com-3567 274 38 ) ) -RRB- www-sonatype-com-3567 274 39 Measured measure VBN www-sonatype-com-3567 274 40 as as IN www-sonatype-com-3567 274 41 the the DT www-sonatype-com-3567 274 42 time time NN www-sonatype-com-3567 274 43 taken take VBN www-sonatype-com-3567 274 44 to to TO www-sonatype-com-3567 274 45 mitigate mitigate VB www-sonatype-com-3567 274 46 
a a DT www-sonatype-com-3567 274 47 vulnerability vulnerability NN www-sonatype-com-3567 274 48 across across IN www-sonatype-com-3567 274 49 applications application NNS www-sonatype-com-3567 274 50 once once IN www-sonatype-com-3567 274 51 the the DT www-sonatype-com-3567 274 52 team team NN www-sonatype-com-3567 274 53 becomes become VBZ www-sonatype-com-3567 274 54 aware aware JJ www-sonatype-com-3567 274 55 of of IN www-sonatype-com-3567 274 56 that that DT www-sonatype-com-3567 274 57 vulnerability vulnerability NN www-sonatype-com-3567 274 58 . . . www-sonatype-com-3567 275 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 275 2 RESULT RESULT NNP www-sonatype-com-3567 275 3 ( ( -LRB- www-sonatype-com-3567 275 4 R2 R2 NNP www-sonatype-com-3567 275 5 = = SYM www-sonatype-com-3567 275 6 0.32 0.32 CD www-sonatype-com-3567 275 7 ) ) -RRB- www-sonatype-com-3567 275 8 DISCUSSION discussion NN www-sonatype-com-3567 275 9 Informed inform VBN www-sonatype-com-3567 275 10 by by IN www-sonatype-com-3567 275 11 last last JJ www-sonatype-com-3567 275 12 year year NN www-sonatype-com-3567 275 13 ’s ’s POS www-sonatype-com-3567 275 14 work work NN www-sonatype-com-3567 275 15 , , , www-sonatype-com-3567 275 16 where where WRB www-sonatype-com-3567 275 17 we -PRON- PRP www-sonatype-com-3567 275 18 saw see VBD www-sonatype-com-3567 275 19 a a DT www-sonatype-com-3567 275 20 strong strong JJ www-sonatype-com-3567 275 21 correlation correlation NN www-sonatype-com-3567 275 22 between between IN www-sonatype-com-3567 275 23 MTTR MTTR NNP www-sonatype-com-3567 275 24 and and CC www-sonatype-com-3567 275 25 general general JJ www-sonatype-com-3567 275 26 dependency dependency NN www-sonatype-com-3567 275 27 update update NN www-sonatype-com-3567 275 28 practices practice NNS www-sonatype-com-3567 275 29 , , , www-sonatype-com-3567 275 30 we -PRON- PRP www-sonatype-com-3567 275 31 predicted predict VBD www-sonatype-com-3567 275 32 that that IN www-sonatype-com-3567 275 33 practices 
practice NNS www-sonatype-com-3567 275 34 would would MD www-sonatype-com-3567 275 35 include include VB www-sonatype-com-3567 275 36 scheduling scheduling NN www-sonatype-com-3567 275 37 updates update VBZ www-sonatype-com-3567 275 38 regularly regularly RB www-sonatype-com-3567 275 39 , , , www-sonatype-com-3567 275 40 automated automate VBD www-sonatype-com-3567 275 41 testing testing NN www-sonatype-com-3567 275 42 to to TO www-sonatype-com-3567 275 43 detect detect VB www-sonatype-com-3567 275 44 when when WRB www-sonatype-com-3567 275 45 updates update NNS www-sonatype-com-3567 275 46 break break VBP www-sonatype-com-3567 275 47 functionality functionality NN www-sonatype-com-3567 275 48 , , , www-sonatype-com-3567 275 49 and and CC www-sonatype-com-3567 275 50 a a DT www-sonatype-com-3567 275 51 security security NN www-sonatype-com-3567 275 52 - - HYPH www-sonatype-com-3567 275 53 oriented orient VBN www-sonatype-com-3567 275 54 development development NN www-sonatype-com-3567 275 55 culture culture NN www-sonatype-com-3567 275 56 ( ( -LRB- www-sonatype-com-3567 275 57 e.g. e.g. RB www-sonatype-com-3567 275 58 , , , www-sonatype-com-3567 275 59 addressing address VBG www-sonatype-com-3567 275 60 security security NN www-sonatype-com-3567 275 61 vulnerabilities vulnerability NNS www-sonatype-com-3567 275 62 as as IN www-sonatype-com-3567 275 63 a a DT www-sonatype-com-3567 275 64 regular regular JJ www-sonatype-com-3567 275 65 part part NN www-sonatype-com-3567 275 66 of of IN www-sonatype-com-3567 275 67 development development NN www-sonatype-com-3567 275 68 work work NN www-sonatype-com-3567 275 69 ) ) -RRB- www-sonatype-com-3567 275 70 that that WDT www-sonatype-com-3567 275 71 would would MD www-sonatype-com-3567 275 72 result result VB www-sonatype-com-3567 275 73 in in IN www-sonatype-com-3567 275 74 improved improved JJ www-sonatype-com-3567 275 75 remediation remediation NN www-sonatype-com-3567 275 76 times time NNS www-sonatype-com-3567 275 77 . . 
. www-sonatype-com-3567 276 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 276 2 . . . www-sonatype-com-3567 277 1 Listed list VBN www-sonatype-com-3567 277 2 below below RB www-sonatype-com-3567 277 3 are be VBP www-sonatype-com-3567 277 4 the the DT www-sonatype-com-3567 277 5 top top JJ www-sonatype-com-3567 277 6 factors factor NNS www-sonatype-com-3567 277 7 associated associate VBN www-sonatype-com-3567 277 8 with with IN www-sonatype-com-3567 277 9 fast fast JJ www-sonatype-com-3567 277 10 MTTR MTTR NNP www-sonatype-com-3567 277 11 . . . www-sonatype-com-3567 278 1 ⊲ ⊲ NFP www-sonatype-com-3567 278 2 Degree Degree NNP www-sonatype-com-3567 278 3 of of IN www-sonatype-com-3567 278 4 OSS OSS NNP www-sonatype-com-3567 278 5 Enlightenment Enlightenment NNP www-sonatype-com-3567 278 6 ( ( -LRB- www-sonatype-com-3567 278 7 see see VB www-sonatype-com-3567 278 8 above above RB www-sonatype-com-3567 278 9 ) ) -RRB- www-sonatype-com-3567 278 10 ⊲ ⊲ NFP www-sonatype-com-3567 278 11 Scheduling scheduling NN www-sonatype-com-3567 278 12 updating update VBG www-sonatype-com-3567 278 13 open open JJ www-sonatype-com-3567 278 14 source source NN www-sonatype-com-3567 278 15 dependencies dependency NNS www-sonatype-com-3567 278 16 as as IN www-sonatype-com-3567 278 17 part part NN www-sonatype-com-3567 278 18 of of IN www-sonatype-com-3567 278 19 daily daily JJ www-sonatype-com-3567 278 20 work work NN www-sonatype-com-3567 278 21 ⊲ ⊲ CD www-sonatype-com-3567 278 22 Our -PRON- PRP$ www-sonatype-com-3567 278 23 application application NN www-sonatype-com-3567 278 24 deployments deployment NNS www-sonatype-com-3567 278 25 ( ( -LRB- www-sonatype-com-3567 278 26 including include VBG www-sonatype-com-3567 278 27 configurations configuration NNS www-sonatype-com-3567 278 28 ) ) -RRB- www-sonatype-com-3567 278 29 are be VBP www-sonatype-com-3567 278 30 fully fully RB www-sonatype-com-3567 278 31 automated automate VBN www-sonatype-com-3567 278 32 ⊲ ⊲ CD www-sonatype-com-3567 278 
33 We -PRON- PRP www-sonatype-com-3567 278 34 were be VBD www-sonatype-com-3567 278 35 surprised surprise VBN www-sonatype-com-3567 278 36 by by IN www-sonatype-com-3567 278 37 OSS OSS NNP www-sonatype-com-3567 278 38 Enlightenment Enlightenment NNP www-sonatype-com-3567 278 39 appearing appear VBG www-sonatype-com-3567 278 40 as as IN www-sonatype-com-3567 278 41 the the DT www-sonatype-com-3567 278 42 top top JJ www-sonatype-com-3567 278 43 factor factor NN www-sonatype-com-3567 278 44 here here RB www-sonatype-com-3567 278 45 , , , www-sonatype-com-3567 278 46 tied tie VBN www-sonatype-com-3567 278 47 with with IN www-sonatype-com-3567 278 48 scheduling scheduling NN www-sonatype-com-3567 278 49 updating update VBG www-sonatype-com-3567 278 50 dependencies dependency NNS www-sonatype-com-3567 278 51 as as IN www-sonatype-com-3567 278 52 a a DT www-sonatype-com-3567 278 53 part part NN www-sonatype-com-3567 278 54 of of IN www-sonatype-com-3567 278 55 our -PRON- PRP$ www-sonatype-com-3567 278 56 daily daily JJ www-sonatype-com-3567 278 57 work work NN www-sonatype-com-3567 278 58 ( ( -LRB- www-sonatype-com-3567 278 59 which which WDT www-sonatype-com-3567 278 60 was be VBD www-sonatype-com-3567 278 61 what what WP www-sonatype-com-3567 278 62 we -PRON- PRP www-sonatype-com-3567 278 63 predicted predict VBD www-sonatype-com-3567 278 64 would would MD www-sonatype-com-3567 278 65 be be VB www-sonatype-com-3567 278 66 highest high JJS www-sonatype-com-3567 278 67 ) ) -RRB- www-sonatype-com-3567 278 68 — — : www-sonatype-com-3567 278 69   _SP www-sonatype-com-3567 278 70 see see VB www-sonatype-com-3567 278 71 the the DT www-sonatype-com-3567 278 72 MTTD MTTD NNP www-sonatype-com-3567 278 73 section section NN www-sonatype-com-3567 278 74 for for IN www-sonatype-com-3567 278 75 the the DT www-sonatype-com-3567 278 76 definition definition NN www-sonatype-com-3567 278 77 and and CC www-sonatype-com-3567 278 78 further further JJ www-sonatype-com-3567 278 79 discussion 
discussion NN www-sonatype-com-3567 278 80 . . . www-sonatype-com-3567 279 1 ⊲ ⊲ NFP www-sonatype-com-3567 279 2 Security Security NNP www-sonatype-com-3567 279 3 guidance guidance NN www-sonatype-com-3567 279 4 often often RB www-sonatype-com-3567 279 5 stresses stress VBZ www-sonatype-com-3567 279 6 the the DT www-sonatype-com-3567 279 7 importance importance NN www-sonatype-com-3567 279 8 of of IN www-sonatype-com-3567 279 9 having have VBG www-sonatype-com-3567 279 10 an an DT www-sonatype-com-3567 279 11 automated automate VBN www-sonatype-com-3567 279 12 mechanism mechanism NN www-sonatype-com-3567 279 13 to to TO www-sonatype-com-3567 279 14 deploy deploy VB www-sonatype-com-3567 279 15 updates update NNS www-sonatype-com-3567 279 16 or or CC www-sonatype-com-3567 279 17 patches patch NNS www-sonatype-com-3567 279 18 into into IN www-sonatype-com-3567 279 19 production production NN www-sonatype-com-3567 279 20 . . . www-sonatype-com-3567 280 1 That that DT www-sonatype-com-3567 280 2 automated automate VBD www-sonatype-com-3567 280 3 deployment deployment NN www-sonatype-com-3567 280 4 appears appear VBZ www-sonatype-com-3567 280 5 as as IN www-sonatype-com-3567 280 6 an an DT www-sonatype-com-3567 280 7 important important JJ www-sonatype-com-3567 280 8 factor factor NN www-sonatype-com-3567 280 9 here here RB www-sonatype-com-3567 280 10 supports support VBZ www-sonatype-com-3567 280 11 this this DT www-sonatype-com-3567 280 12 view view NN www-sonatype-com-3567 280 13 . . . 
www-sonatype-com-3567 281 1 Influencing Influencing NNP www-sonatype-com-3567 281 2 Risk Risk NNP www-sonatype-com-3567 281 3 Management Management NNP www-sonatype-com-3567 281 4 Outcomes Outcomes NNP www-sonatype-com-3567 281 5 Across across IN www-sonatype-com-3567 281 6 all all PDT www-sonatype-com-3567 281 7 the the DT www-sonatype-com-3567 281 8 risk risk NN www-sonatype-com-3567 281 9 management management NN www-sonatype-com-3567 281 10 outcomes outcome NNS www-sonatype-com-3567 281 11 , , , www-sonatype-com-3567 281 12 the the DT www-sonatype-com-3567 281 13 most most JJS www-sonatype-com-3567 281 14 con- con- NN www-sonatype-com-3567 281 15 sistent sistent NN www-sonatype-com-3567 281 16 factors factor NNS www-sonatype-com-3567 281 17 associated associate VBN www-sonatype-com-3567 281 18 with with IN www-sonatype-com-3567 281 19 positive positive JJ www-sonatype-com-3567 281 20 risk risk NN www-sonatype-com-3567 281 21 management management NN www-sonatype-com-3567 281 22 outcomes outcome NNS www-sonatype-com-3567 281 23 were be VBD www-sonatype-com-3567 281 24 : : : www-sonatype-com-3567 281 25 ⊲ ⊲ NFP www-sonatype-com-3567 281 26 Having have VBG www-sonatype-com-3567 281 27 a a DT www-sonatype-com-3567 281 28 clear clear JJ www-sonatype-com-3567 281 29 process process NN www-sonatype-com-3567 281 30 for for IN www-sonatype-com-3567 281 31 adding add VBG www-sonatype-com-3567 281 32 and and CC www-sonatype-com-3567 281 33 removing remove VBG www-sonatype-com-3567 281 34 OSS oss NN www-sonatype-com-3567 281 35 dependencies dependency NNS www-sonatype-com-3567 281 36 ⊲ ⊲ NFP www-sonatype-com-3567 281 37 Remediating remediating NN www-sonatype-com-3567 281 38 known know VBN www-sonatype-com-3567 281 39 OSS oss NN www-sonatype-com-3567 281 40 vulnerabilities vulnerability NNS www-sonatype-com-3567 281 41 as as IN www-sonatype-com-3567 281 42 a a DT www-sonatype-com-3567 281 43 regular regular JJ www-sonatype-com-3567 281 44 part part NN www-sonatype-com-3567 
281 45 of of IN www-sonatype-com-3567 281 46 development development NN www-sonatype-com-3567 281 47 ⊲ ⊲ CD www-sonatype-com-3567 281 48 Updating update VBG www-sonatype-com-3567 281 49 OSS oss NN www-sonatype-com-3567 281 50 dependencies dependency NNS www-sonatype-com-3567 281 51 regularly regularly RB www-sonatype-com-3567 281 52 ⊲ ⊲ NFP www-sonatype-com-3567 281 53 Using use VBG www-sonatype-com-3567 281 54 SCA SCA NNP www-sonatype-com-3567 281 55 tooling tooling NN www-sonatype-com-3567 281 56 and and CC www-sonatype-com-3567 281 57 incorporating incorporate VBG www-sonatype-com-3567 281 58 this this DT www-sonatype-com-3567 281 59 tooling tooling NN www-sonatype-com-3567 281 60 into into IN www-sonatype-com-3567 281 61 CI CI NNP www-sonatype-com-3567 281 62 Variables Variables NNP www-sonatype-com-3567 281 63 Most Most NNP www-sonatype-com-3567 281 64 Impacting Impacting NNP www-sonatype-com-3567 281 65 Performance Performance NNP www-sonatype-com-3567 281 66 and and CC www-sonatype-com-3567 281 67 Risk Risk NNP www-sonatype-com-3567 281 68 Management Management NNP www-sonatype-com-3567 281 69 In in IN www-sonatype-com-3567 281 70 this this DT www-sonatype-com-3567 281 71 section section NN www-sonatype-com-3567 281 72 , , , www-sonatype-com-3567 281 73 we -PRON- PRP www-sonatype-com-3567 281 74 state state VBP www-sonatype-com-3567 281 75 all all DT www-sonatype-com-3567 281 76 of of IN www-sonatype-com-3567 281 77 the the DT www-sonatype-com-3567 281 78 hypotheses hypothesis NNS www-sonatype-com-3567 281 79 we -PRON- PRP www-sonatype-com-3567 281 80 had have VBD www-sonatype-com-3567 281 81 when when WRB www-sonatype-com-3567 281 82 we -PRON- PRP www-sonatype-com-3567 281 83 designed design VBD www-sonatype-com-3567 281 84 the the DT www-sonatype-com-3567 281 85 survey survey NN www-sonatype-com-3567 281 86 , , , www-sonatype-com-3567 281 87 and and CC www-sonatype-com-3567 281 88 state state NN www-sonatype-com-3567 281 89 which which WDT 
www-sonatype-com-3567 281 90 practices practice VBZ www-sonatype-com-3567 281 91 ( ( -LRB- www-sonatype-com-3567 281 92 independent independent JJ www-sonatype-com-3567 281 93 variables variable NNS www-sonatype-com-3567 281 94 ) ) -RRB- www-sonatype-com-3567 281 95 we -PRON- PRP www-sonatype-com-3567 281 96 believed believe VBD www-sonatype-com-3567 281 97 would would MD www-sonatype-com-3567 281 98 affect affect VB www-sonatype-com-3567 281 99 the the DT www-sonatype-com-3567 281 100 performance performance NN www-sonatype-com-3567 281 101 outcomes outcome NNS www-sonatype-com-3567 281 102 ( ( -LRB- www-sonatype-com-3567 281 103 dependent dependent JJ www-sonatype-com-3567 281 104 variables variable NNS www-sonatype-com-3567 281 105 ) ) -RRB- www-sonatype-com-3567 281 106 — — : www-sonatype-com-3567 281 107 we -PRON- PRP www-sonatype-com-3567 281 108 also also RB www-sonatype-com-3567 281 109 define define VBP www-sonatype-com-3567 281 110 how how WRB www-sonatype-com-3567 281 111 we -PRON- PRP www-sonatype-com-3567 281 112 measured measure VBD www-sonatype-com-3567 281 113 them -PRON- PRP www-sonatype-com-3567 281 114 . . . 
www-sonatype-com-3567 282 1 To to TO www-sonatype-com-3567 282 2 better well RBR www-sonatype-com-3567 282 3 understand understand VB www-sonatype-com-3567 282 4 the the DT www-sonatype-com-3567 282 5 connection connection NN www-sonatype-com-3567 282 6 between between IN www-sonatype-com-3567 282 7 practices practice NNS www-sonatype-com-3567 282 8 and and CC www-sonatype-com-3567 282 9 outcomes outcome NNS www-sonatype-com-3567 282 10 , , , www-sonatype-com-3567 282 11 and and CC www-sonatype-com-3567 282 12 potentially potentially RB www-sonatype-com-3567 282 13 understand understand VB www-sonatype-com-3567 282 14 how how WRB www-sonatype-com-3567 282 15 one one PRP www-sonatype-com-3567 282 16 can can MD www-sonatype-com-3567 282 17 improve improve VB www-sonatype-com-3567 282 18 performance performance NN www-sonatype-com-3567 282 19 , , , www-sonatype-com-3567 282 20 we -PRON- PRP www-sonatype-com-3567 282 21 fit fit VBP www-sonatype-com-3567 282 22 a a DT www-sonatype-com-3567 282 23 linear linear JJ www-sonatype-com-3567 282 24 model model NN www-sonatype-com-3567 282 25 to to IN www-sonatype-com-3567 282 26 the the DT www-sonatype-com-3567 282 27 data.28 data.28 NNP www-sonatype-com-3567 282 28 We -PRON- PRP www-sonatype-com-3567 282 29 measured measure VBD www-sonatype-com-3567 282 30 and and CC www-sonatype-com-3567 282 31 , , , www-sonatype-com-3567 282 32 where where WRB www-sonatype-com-3567 282 33 appro- appro- NNP www-sonatype-com-3567 282 34 priate priate NNP www-sonatype-com-3567 282 35 , , , www-sonatype-com-3567 282 36 report report VB www-sonatype-com-3567 282 37 r2 r2 JJ www-sonatype-com-3567 282 38 values value NNS www-sonatype-com-3567 282 39 , , , www-sonatype-com-3567 282 40 which which WDT www-sonatype-com-3567 282 41 describe describe VBP www-sonatype-com-3567 282 42 the the DT www-sonatype-com-3567 282 43 proportion proportion NN www-sonatype-com-3567 282 44 of of IN www-sonatype-com-3567 282 45 vari- vari- JJ www-sonatype-com-3567 282 
46 ance ance NN www-sonatype-com-3567 282 47 in in IN www-sonatype-com-3567 282 48 each each DT www-sonatype-com-3567 282 49 outcome outcome NN www-sonatype-com-3567 282 50 explained explain VBN www-sonatype-com-3567 282 51 by by IN www-sonatype-com-3567 282 52 the the DT www-sonatype-com-3567 282 53 model model NN www-sonatype-com-3567 282 54 and and CC www-sonatype-com-3567 282 55 describe describe VB www-sonatype-com-3567 282 56 the the DT www-sonatype-com-3567 282 57 top top JJ www-sonatype-com-3567 282 58 practices practice NNS www-sonatype-com-3567 282 59 , , , www-sonatype-com-3567 282 60 based base VBN www-sonatype-com-3567 282 61 on on IN www-sonatype-com-3567 282 62 their -PRON- PRP$ www-sonatype-com-3567 282 63 contribution contribution NN www-sonatype-com-3567 282 64 to to IN www-sonatype-com-3567 282 65 increases increase NNS www-sonatype-com-3567 282 66 in in IN www-sonatype-com-3567 282 67 the the DT www-sonatype-com-3567 282 68 outcome outcome NN www-sonatype-com-3567 282 69 being be VBG www-sonatype-com-3567 282 70 analyzed analyze VBN www-sonatype-com-3567 282 71 . . . www-sonatype-com-3567 283 1 29 29 CD www-sonatype-com-3567 283 2 30 30 CD www-sonatype-com-3567 283 3 ( ( -LRB- www-sonatype-com-3567 283 4 All all DT www-sonatype-com-3567 283 5 independent independent JJ www-sonatype-com-3567 283 6 and and CC www-sonatype-com-3567 283 7 depen- depen- JJ www-sonatype-com-3567 283 8 dent dent NN www-sonatype-com-3567 283 9 variables variable NNS www-sonatype-com-3567 283 10 are be VBP www-sonatype-com-3567 283 11 listed list VBN www-sonatype-com-3567 283 12 and and CC www-sonatype-com-3567 283 13 described describe VBN www-sonatype-com-3567 283 14 in in IN www-sonatype-com-3567 283 15 Appendix Appendix NNP www-sonatype-com-3567 283 16 B. B. 
NNP www-sonatype-com-3567 283 17 ) ) -RRB-
www-sonatype-com-3567 284 73 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 284 74 RISK RISK NNP www-sonatype-com-3567 284 75 MANAGEMENT MANAGEMENT NNP www-sonatype-com-3567 284 76 OUTCOMES outcomes RB www-sonatype-com-3567 284 77 : : : www-sonatype-com-3567 284 78 OSS oss NN www-sonatype-com-3567 284 79 Security Security NNP www-sonatype-com-3567 284 80 Measured Measured NNP www-sonatype-com-3567 284 81 as as IN www-sonatype-com-3567 284 82 the the DT www-sonatype-com-3567 284 83 level level NN www-sonatype-com-3567 284 84 of of IN www-sonatype-com-3567 284 85 confidence confidence NN www-sonatype-com-3567 284 86 that that IN www-sonatype-com-3567 284 87 applications application NNS www-sonatype-com-3567 284 88 are be VBP www-sonatype-com-3567 284 89 not not RB www-sonatype-com-3567 284 90 using use VBG www-sonatype-com-3567 284 91 open open JJ www-sonatype-com-3567 284 92 source source NN www-sonatype-com-3567 284 93 components component NNS www-sonatype-com-3567 284 94 with with IN www-sonatype-com-3567 284 95 known know VBN www-sonatype-com-3567 284 96 vulnerabilities vulnerability NNS www-sonatype-com-3567 284 97 . . . 
www-sonatype-com-3567 285 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 285 2 RESULT RESULT NNP www-sonatype-com-3567 285 3 ( ( -LRB- www-sonatype-com-3567 285 4 R2 R2 NNP www-sonatype-com-3567 285 5 = = SYM www-sonatype-com-3567 285 6 0.35 0.35 CD www-sonatype-com-3567 285 7 ) ) -RRB- www-sonatype-com-3567 285 8 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 285 9 That that IN www-sonatype-com-3567 285 10 some some DT www-sonatype-com-3567 285 11 tooling tooling NN www-sonatype-com-3567 285 12 to to TO www-sonatype-com-3567 285 13 do do VB www-sonatype-com-3567 285 14 centralized centralized JJ www-sonatype-com-3567 285 15 scanning scanning NN www-sonatype-com-3567 285 16 of of IN www-sonatype-com-3567 285 17 depen- depen- JJ www-sonatype-com-3567 285 18 dencies dencie NNS www-sonatype-com-3567 285 19 and and CC www-sonatype-com-3567 285 20 an an DT www-sonatype-com-3567 285 21 effective effective JJ www-sonatype-com-3567 285 22 approval approval NN www-sonatype-com-3567 285 23 process process NN www-sonatype-com-3567 285 24 would would MD www-sonatype-com-3567 285 25 predict predict VB www-sonatype-com-3567 285 26 confidence confidence NN www-sonatype-com-3567 285 27 in in IN www-sonatype-com-3567 285 28 OSS oss NN www-sonatype-com-3567 285 29 security security NN www-sonatype-com-3567 285 30 . . . www-sonatype-com-3567 286 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 286 2 . . . 
www-sonatype-com-3567 287 1 Listed list VBN www-sonatype-com-3567 287 2 below below RB www-sonatype-com-3567 287 3 are be VBP www-sonatype-com-3567 287 4 the the DT www-sonatype-com-3567 287 5 top top JJ www-sonatype-com-3567 287 6 factors factor NNS www-sonatype-com-3567 287 7 associated associate VBN www-sonatype-com-3567 287 8 with with IN www-sonatype-com-3567 287 9 high high JJ www-sonatype-com-3567 287 10 security security NN www-sonatype-com-3567 287 11 confidence confidence NN www-sonatype-com-3567 287 12 : : : www-sonatype-com-3567 287 13 ⊲ ⊲ NFP www-sonatype-com-3567 287 14 Having have VBG www-sonatype-com-3567 287 15 a a DT www-sonatype-com-3567 287 16 clear clear JJ www-sonatype-com-3567 287 17 process process NN www-sonatype-com-3567 287 18 for for IN www-sonatype-com-3567 287 19 adding add VBG www-sonatype-com-3567 287 20 and and CC www-sonatype-com-3567 287 21 removing remove VBG www-sonatype-com-3567 287 22 dependencies dependency NNS www-sonatype-com-3567 287 23 ⊲ ⊲ NFP www-sonatype-com-3567 287 24 When when WRB www-sonatype-com-3567 287 25 selecting select VBG www-sonatype-com-3567 287 26 new new JJ www-sonatype-com-3567 287 27 OSS OSS NNP www-sonatype-com-3567 287 28 components component NNS www-sonatype-com-3567 287 29 , , , www-sonatype-com-3567 287 30 the the DT www-sonatype-com-3567 287 31 two two CD www-sonatype-com-3567 287 32 following follow VBG www-sonatype-com-3567 287 33 factors factor NNS www-sonatype-com-3567 287 34 are be VBP www-sonatype-com-3567 287 35 considered consider VBN www-sonatype-com-3567 287 36 important important JJ www-sonatype-com-3567 287 37 : : : www-sonatype-com-3567 287 38 ɡ ɡ NN www-sonatype-com-3567 287 39 Security security NN www-sonatype-com-3567 287 40 history history NN www-sonatype-com-3567 287 41 ( ( -LRB- www-sonatype-com-3567 287 42 e.g. e.g. 
RB www-sonatype-com-3567 288 1 have have VBP www-sonatype-com-3567 288 2 there there EX www-sonatype-com-3567 288 3 been be VBN www-sonatype-com-3567 288 4 multiple multiple JJ www-sonatype-com-3567 288 5 high high JJ www-sonatype-com-3567 288 6 - - HYPH www-sonatype-com-3567 288 7 risk risk NN www-sonatype-com-3567 288 8 CVEs cf NNS www-sonatype-com-3567 288 9 ) ) -RRB- www-sonatype-com-3567 288 10 ɡ ɡ NN www-sonatype-com-3567 288 11 Rate rate NN www-sonatype-com-3567 288 12 of of IN www-sonatype-com-3567 288 13 fixes fix NNS www-sonatype-com-3567 288 14 ( ( -LRB- www-sonatype-com-3567 288 15 frequency frequency NN www-sonatype-com-3567 288 16 of of IN www-sonatype-com-3567 288 17 security security NN www-sonatype-com-3567 288 18 and and CC www-sonatype-com-3567 288 19 bug bug NN www-sonatype-com-3567 288 20 fixes fix NNS www-sonatype-com-3567 288 21 ) ) -RRB- www-sonatype-com-3567 288 22 ⊲ ⊲ NFP www-sonatype-com-3567 288 23 Scheduling scheduling NN www-sonatype-com-3567 288 24 updating update VBG www-sonatype-com-3567 288 25 open open JJ www-sonatype-com-3567 288 26 source source NN www-sonatype-com-3567 288 27 dependencies dependency NNS www-sonatype-com-3567 288 28 as as IN www-sonatype-com-3567 288 29 part part NN www-sonatype-com-3567 288 30 of of IN www-sonatype-com-3567 288 31 our -PRON- PRP$ www-sonatype-com-3567 288 32 daily daily JJ www-sonatype-com-3567 288 33 work work NN www-sonatype-com-3567 288 34 ⊲ ⊲ CD www-sonatype-com-3567 288 35 We -PRON- PRP www-sonatype-com-3567 288 36 asked ask VBD www-sonatype-com-3567 288 37 a a DT www-sonatype-com-3567 288 38 series series NN www-sonatype-com-3567 288 39 of of IN www-sonatype-com-3567 288 40 questions question NNS www-sonatype-com-3567 288 41 about about IN www-sonatype-com-3567 288 42 what what WDT www-sonatype-com-3567 288 43 criteria criterion NNS www-sonatype-com-3567 288 44 were be VBD www-sonatype-com-3567 288 45 important important JJ www-sonatype-com-3567 288 46 when when WRB www-sonatype-com-3567 
288 47 selecting select VBG www-sonatype-com-3567 288 48 new new JJ www-sonatype-com-3567 288 49 OSS OSS NNP www-sonatype-com-3567 288 50 components component NNS www-sonatype-com-3567 288 51 , , , www-sonatype-com-3567 288 52 which which WDT www-sonatype-com-3567 288 53 is be VBZ www-sonatype-com-3567 288 54 about about IN www-sonatype-com-3567 288 55 being be VBG www-sonatype-com-3567 288 56 careful careful JJ www-sonatype-com-3567 288 57 and and CC www-sonatype-com-3567 288 58 particular particular JJ www-sonatype-com-3567 288 59 about about IN www-sonatype-com-3567 288 60 functionality functionality NN www-sonatype-com-3567 288 61 , , , www-sonatype-com-3567 288 62 integrations integration NNS www-sonatype-com-3567 288 63 , , , www-sonatype-com-3567 288 64 ease ease NN www-sonatype-com-3567 288 65 of of IN www-sonatype-com-3567 288 66 use use NN www-sonatype-com-3567 288 67 , , , www-sonatype-com-3567 288 68 security security NN www-sonatype-com-3567 288 69 , , , www-sonatype-com-3567 288 70 etc etc FW www-sonatype-com-3567 288 71 . . . www-sonatype-com-3567 289 1 ⊲ ⊲ NFP www-sonatype-com-3567 289 2 The the DT www-sonatype-com-3567 289 3 primary primary JJ www-sonatype-com-3567 289 4 contributing contributing NN www-sonatype-com-3567 289 5 factors factor NNS www-sonatype-com-3567 289 6 all all DT www-sonatype-com-3567 289 7 have have VBP www-sonatype-com-3567 289 8 to to TO www-sonatype-com-3567 289 9 do do VB www-sonatype-com-3567 289 10 with with IN www-sonatype-com-3567 289 11 controlling control VBG www-sonatype-com-3567 289 12 what what WDT www-sonatype-com-3567 289 13 components component NNS www-sonatype-com-3567 289 14 are be VBP www-sonatype-com-3567 289 15 brought bring VBN www-sonatype-com-3567 289 16 into into IN www-sonatype-com-3567 289 17 the the DT www-sonatype-com-3567 289 18 supply supply NN www-sonatype-com-3567 289 19 chain chain NN www-sonatype-com-3567 289 20 . . . 
www-sonatype-com-3567 290 1 The the DT www-sonatype-com-3567 290 2 two two CD www-sonatype-com-3567 290 3 next next RB www-sonatype-com-3567 290 4 most most RBS www-sonatype-com-3567 290 5 important important JJ www-sonatype-com-3567 290 6 factors factor NNS www-sonatype-com-3567 290 7 both both DT www-sonatype-com-3567 290 8 had have VBD www-sonatype-com-3567 290 9 to to TO www-sonatype-com-3567 290 10 do do VB www-sonatype-com-3567 290 11 with with IN www-sonatype-com-3567 290 12 monitoring monitoring NN www-sonatype-com-3567 290 13 to to TO www-sonatype-com-3567 290 14 enforce enforce VB www-sonatype-com-3567 290 15 those those DT www-sonatype-com-3567 290 16 policies policy NNS www-sonatype-com-3567 290 17 : : : www-sonatype-com-3567 290 18 ɡ ɡ NN www-sonatype-com-3567 290 19 The the DT www-sonatype-com-3567 290 20 output output NN www-sonatype-com-3567 290 21 of of IN www-sonatype-com-3567 290 22 software software NN www-sonatype-com-3567 290 23 composition composition NN www-sonatype-com-3567 290 24 analysis analysis NN www-sonatype-com-3567 290 25 ( ( -LRB- www-sonatype-com-3567 290 26 SCA SCA NNP www-sonatype-com-3567 290 27 ) ) -RRB- www-sonatype-com-3567 290 28 tools tool NNS www-sonatype-com-3567 290 29 is be VBZ www-sonatype-com-3567 290 30 integrated integrate VBN www-sonatype-com-3567 290 31 into into IN www-sonatype-com-3567 290 32 daily daily JJ www-sonatype-com-3567 290 33 develop- develop- NNP www-sonatype-com-3567 290 34 ment ment JJ www-sonatype-com-3567 290 35 workflows workflow NNS www-sonatype-com-3567 290 36 . . . 
www-sonatype-com-3567 291 1 ɡ ɡ LS www-sonatype-com-3567 291 2 Every every DT www-sonatype-com-3567 291 3 deployed deploy VBN www-sonatype-com-3567 291 4 application application NN www-sonatype-com-3567 291 5 is be VBZ www-sonatype-com-3567 291 6 centrally centrally RB www-sonatype-com-3567 291 7 tracked track VBN www-sonatype-com-3567 291 8 , , , www-sonatype-com-3567 291 9 including include VBG www-sonatype-com-3567 291 10 its -PRON- PRP$ www-sonatype-com-3567 291 11 open open JJ www-sonatype-com-3567 291 12 source source NN www-sonatype-com-3567 291 13 dependencies dependency NNS www-sonatype-com-3567 291 14 , , , www-sonatype-com-3567 291 15 and and CC www-sonatype-com-3567 291 16 it -PRON- PRP www-sonatype-com-3567 291 17 is be VBZ www-sonatype-com-3567 291 18 known know VBN www-sonatype-com-3567 291 19 who who WP www-sonatype-com-3567 291 20 the the DT www-sonatype-com-3567 291 21 application application NN www-sonatype-com-3567 291 22 team team NN www-sonatype-com-3567 291 23 leader leader NN www-sonatype-com-3567 291 24 is be VBZ www-sonatype-com-3567 291 25 . . . www-sonatype-com-3567 292 1 This this DT www-sonatype-com-3567 292 2 practice practice NN www-sonatype-com-3567 292 3 is be VBZ www-sonatype-com-3567 292 4 critical critical JJ www-sonatype-com-3567 292 5 to to IN www-sonatype-com-3567 292 6 building build VBG www-sonatype-com-3567 292 7 and and CC www-sonatype-com-3567 292 8 maintaining maintain VBG www-sonatype-com-3567 292 9 SBOMs sbom NNS www-sonatype-com-3567 292 10 for for IN www-sonatype-com-3567 292 11 each each DT www-sonatype-com-3567 292 12 application application NN www-sonatype-com-3567 292 13 . . . 
www-sonatype-com-3567 293 1 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 293 2 RISK RISK NNP www-sonatype-com-3567 293 3 MANAGEMENT MANAGEMENT NNP www-sonatype-com-3567 293 4 OUTCOMES outcomes RB www-sonatype-com-3567 293 5 : : : www-sonatype-com-3567 293 6 License license NN www-sonatype-com-3567 293 7 Compliance compliance NN www-sonatype-com-3567 293 8 Measured measure VBN www-sonatype-com-3567 293 9 as as IN www-sonatype-com-3567 293 10 the the DT www-sonatype-com-3567 293 11 level level NN www-sonatype-com-3567 293 12 of of IN www-sonatype-com-3567 293 13 confidence confidence NN www-sonatype-com-3567 293 14 that that IN www-sonatype-com-3567 293 15 the the DT www-sonatype-com-3567 293 16 development development NN www-sonatype-com-3567 293 17 team team NN www-sonatype-com-3567 293 18 is be VBZ www-sonatype-com-3567 293 19 in in IN www-sonatype-com-3567 293 20 compliance compliance NN www-sonatype-com-3567 293 21 with with IN www-sonatype-com-3567 293 22 the the DT www-sonatype-com-3567 293 23 organization organization NN www-sonatype-com-3567 293 24 ’s ’s POS www-sonatype-com-3567 293 25 policies policy NNS www-sonatype-com-3567 293 26 regarding regard VBG www-sonatype-com-3567 293 27 open open JJ www-sonatype-com-3567 293 28 source source NN www-sonatype-com-3567 293 29 licenses license NNS www-sonatype-com-3567 293 30 . . . 
www-sonatype-com-3567 294 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 294 2 RESULT RESULT NNP www-sonatype-com-3567 294 3 ( ( -LRB- www-sonatype-com-3567 294 4 R2 R2 NNP www-sonatype-com-3567 294 5 = = SYM www-sonatype-com-3567 294 6 0.29 0.29 CD www-sonatype-com-3567 294 7 ) ) -RRB- www-sonatype-com-3567 294 8 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 294 9 Practices Practices NNPS www-sonatype-com-3567 294 10 associated associate VBD www-sonatype-com-3567 294 11 with with IN www-sonatype-com-3567 294 12 effec- effec- NNP www-sonatype-com-3567 294 13 tive tive NNP www-sonatype-com-3567 294 14 governance governance NN www-sonatype-com-3567 294 15 ( ( -LRB- www-sonatype-com-3567 294 16 e.g. e.g. RB www-sonatype-com-3567 294 17 , , , www-sonatype-com-3567 294 18 processes process NNS www-sonatype-com-3567 294 19 defined define VBN www-sonatype-com-3567 294 20 , , , www-sonatype-com-3567 294 21 tools tool NNS www-sonatype-com-3567 294 22 to to TO www-sonatype-com-3567 294 23 monitor monitor VB www-sonatype-com-3567 294 24 compli- compli- JJ www-sonatype-com-3567 294 25 ance ance NN www-sonatype-com-3567 294 26 , , , www-sonatype-com-3567 294 27 responsibilities responsibility NNS www-sonatype-com-3567 294 28 assigned assign VBN www-sonatype-com-3567 294 29 , , , www-sonatype-com-3567 294 30 etc etc FW www-sonatype-com-3567 294 31 . . . www-sonatype-com-3567 294 32 ) ) -RRB- www-sonatype-com-3567 295 1 would would MD www-sonatype-com-3567 295 2 increase increase VB www-sonatype-com-3567 295 3 confidence confidence NN www-sonatype-com-3567 295 4 in in IN www-sonatype-com-3567 295 5 OSS oss NN www-sonatype-com-3567 295 6 license license NN www-sonatype-com-3567 295 7 compliance compliance NN www-sonatype-com-3567 295 8 . . . www-sonatype-com-3567 296 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 296 2 . . . 
www-sonatype-com-3567 297 1 Listed list VBN www-sonatype-com-3567 297 2 below below RB www-sonatype-com-3567 297 3 are be VBP www-sonatype-com-3567 297 4 the the DT www-sonatype-com-3567 297 5 top top JJ www-sonatype-com-3567 297 6 factors factor NNS www-sonatype-com-3567 297 7 associated associate VBN www-sonatype-com-3567 297 8 with with IN www-sonatype-com-3567 297 9 increased increase VBN www-sonatype-com-3567 297 10 confidence confidence NN www-sonatype-com-3567 297 11 in in IN www-sonatype-com-3567 297 12 OSS oss NN www-sonatype-com-3567 297 13 license license NN www-sonatype-com-3567 297 14 compliance compliance NN www-sonatype-com-3567 297 15 . . . www-sonatype-com-3567 298 1 ⊲ ⊲ NFP www-sonatype-com-3567 298 2 Having have VBG www-sonatype-com-3567 298 3 a a DT www-sonatype-com-3567 298 4 clear clear JJ www-sonatype-com-3567 298 5 process process NN www-sonatype-com-3567 298 6 for for IN www-sonatype-com-3567 298 7 adding add VBG www-sonatype-com-3567 298 8 and and CC www-sonatype-com-3567 298 9 removing remove VBG www-sonatype-com-3567 298 10 dependencies dependency NNS www-sonatype-com-3567 298 11 ⊲ ⊲ VBP www-sonatype-com-3567 298 12 Consistently consistently RB www-sonatype-com-3567 298 13 following follow VBG www-sonatype-com-3567 298 14 open open JJ www-sonatype-com-3567 298 15 source source NN www-sonatype-com-3567 298 16 approval approval NN www-sonatype-com-3567 298 17 processes process NNS www-sonatype-com-3567 298 18 ⊲ ⊲ NFP www-sonatype-com-3567 298 19 Prioritizing prioritize VBG www-sonatype-com-3567 298 20 licensing licensing NN www-sonatype-com-3567 298 21 considerations consideration NNS www-sonatype-com-3567 298 22 when when WRB www-sonatype-com-3567 298 23 selecting select VBG www-sonatype-com-3567 298 24 new new JJ www-sonatype-com-3567 298 25 open open JJ www-sonatype-com-3567 298 26 source source NN www-sonatype-com-3567 298 27 components component VBZ www-sonatype-com-3567 298 28 ⊲ ⊲ CD www-sonatype-com-3567 298 29 Scheduling scheduling 
NN www-sonatype-com-3567 298 30 updating update VBG www-sonatype-com-3567 298 31 open open JJ www-sonatype-com-3567 298 32 source source NN www-sonatype-com-3567 298 33 dependencies dependency NNS www-sonatype-com-3567 298 34 as as IN www-sonatype-com-3567 298 35 part part NN www-sonatype-com-3567 298 36 of of IN www-sonatype-com-3567 298 37 our -PRON- PRP$ www-sonatype-com-3567 298 38 daily daily JJ www-sonatype-com-3567 298 39 work work NN www-sonatype-com-3567 298 40 ⊲ ⊲ CD www-sonatype-com-3567 298 41 We -PRON- PRP www-sonatype-com-3567 298 42 found find VBD www-sonatype-com-3567 298 43 it -PRON- PRP www-sonatype-com-3567 298 44 interesting interesting JJ www-sonatype-com-3567 298 45 that that IN www-sonatype-com-3567 298 46 all all PDT www-sonatype-com-3567 298 47 these these DT www-sonatype-com-3567 298 48 factors factor NNS www-sonatype-com-3567 298 49 relate relate VBP www-sonatype-com-3567 298 50 to to IN www-sonatype-com-3567 298 51 process process NN www-sonatype-com-3567 298 52 , , , www-sonatype-com-3567 298 53 not not RB www-sonatype-com-3567 298 54 technology technology NN www-sonatype-com-3567 298 55 . . . 
www-sonatype-com-3567 299 1 ⊲ ⊲ NFP www-sonatype-com-3567 299 2 We -PRON- PRP www-sonatype-com-3567 299 3 were be VBD www-sonatype-com-3567 299 4 surprised surprised JJ www-sonatype-com-3567 299 5 that that IN www-sonatype-com-3567 299 6 the the DT www-sonatype-com-3567 299 7 degree degree NN www-sonatype-com-3567 299 8 of of IN www-sonatype-com-3567 299 9 centralized centralize VBN www-sonatype-com-3567 299 10 governance governance NN www-sonatype-com-3567 299 11 was be VBD www-sonatype-com-3567 299 12 not not RB www-sonatype-com-3567 299 13 associated associate VBN www-sonatype-com-3567 299 14 with with IN www-sonatype-com-3567 299 15 increased increase VBN www-sonatype-com-3567 299 16 performance performance NN www-sonatype-com-3567 299 17 — — : www-sonatype-com-3567 299 18 this this DT www-sonatype-com-3567 299 19 likely likely RB www-sonatype-com-3567 299 20 indicates indicate VBZ www-sonatype-com-3567 299 21 that that IN www-sonatype-com-3567 299 22 there there EX www-sonatype-com-3567 299 23 are be VBP www-sonatype-com-3567 299 24 many many JJ www-sonatype-com-3567 299 25 organizational organizational JJ www-sonatype-com-3567 299 26 approaches approach NNS www-sonatype-com-3567 299 27 to to TO www-sonatype-com-3567 299 28 effectively effectively RB www-sonatype-com-3567 299 29 solve solve VB www-sonatype-com-3567 299 30 compliance compliance NN www-sonatype-com-3567 299 31 problems problem NNS www-sonatype-com-3567 299 32 . . . 
www-sonatype-com-3567 300 1 C c NN www-sonatype-com-3567 300 2 H h NN www-sonatype-com-3567 300 3 A a NN www-sonatype-com-3567 300 4 P p NN www-sonatype-com-3567 300 5 T t NN www-sonatype-com-3567 300 6 E e NN www-sonatype-com-3567 300 7 R r NN www-sonatype-com-3567 300 8 4 4 CD www-sonatype-com-3567 300 9 : : : www-sonatype-com-3567 300 10 H h NN www-sonatype-com-3567 300 11 O o NN www-sonatype-com-3567 300 12 W w NN www-sonatype-com-3567 300 13 H h NN www-sonatype-com-3567 300 14 IG ig NN www-sonatype-com-3567 300 15 H h NN www-sonatype-com-3567 300 16 P p NN www-sonatype-com-3567 300 17 E e NN www-sonatype-com-3567 300 18 R r NN www-sonatype-com-3567 300 19 F f NN www-sonatype-com-3567 300 20 O o NN www-sonatype-com-3567 300 21 R r NN www-sonatype-com-3567 300 22 M m NN www-sonatype-com-3567 300 23 A A NNP www-sonatype-com-3567 300 24 N n NN www-sonatype-com-3567 300 25 C c NN www-sonatype-com-3567 300 26 E e NN www-sonatype-com-3567 300 27 T t NN www-sonatype-com-3567 300 28 E e NN www-sonatype-com-3567 300 29 A a NN www-sonatype-com-3567 300 30 M m NN www-sonatype-com-3567 300 31 S s NN www-sonatype-com-3567 300 32 M M NNP www-sonatype-com-3567 300 33 A A NNP www-sonatype-com-3567 300 34 N N NNP www-sonatype-com-3567 300 35 A a NN www-sonatype-com-3567 300 36 G g NN www-sonatype-com-3567 300 37 E e NN www-sonatype-com-3567 300 38 O o NN www-sonatype-com-3567 300 39 P p NN www-sonatype-com-3567 300 40 E e NN www-sonatype-com-3567 300 41 N n NN www-sonatype-com-3567 300 42 S s NN www-sonatype-com-3567 300 43 O o NN www-sonatype-com-3567 300 44 U u NN www-sonatype-com-3567 300 45 R r NN www-sonatype-com-3567 300 46 C c NN www-sonatype-com-3567 300 47 E e NN www-sonatype-com-3567 300 48 S s NN www-sonatype-com-3567 300 49 O o NN www-sonatype-com-3567 300 50 F f NN www-sonatype-com-3567 300 51 T t NN www-sonatype-com-3567 300 52 W w NN www-sonatype-com-3567 300 53 A a NN www-sonatype-com-3567 300 54 R r NN www-sonatype-com-3567 300 55 E e NN www-sonatype-com-3567 
300 56 S s NN www-sonatype-com-3567 300 57 U u NN www-sonatype-com-3567 300 58 P p NN www-sonatype-com-3567 300 59 P p NN www-sonatype-com-3567 300 60 LY ly NN www-sonatype-com-3567 300 61 C c NN www-sonatype-com-3567 300 62 H h NN www-sonatype-com-3567 300 63 A a NN www-sonatype-com-3567 300 64 IN in NN www-sonatype-com-3567 300 65 252020 252020 CD www-sonatype-com-3567 300 66 STATE STATE NNP www-sonatype-com-3567 300 67 OF of IN www-sonatype-com-3567 300 68 THE the DT www-sonatype-com-3567 300 69 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 300 70 SUPPLY supply NN www-sonatype-com-3567 300 71 CHAIN chain NN www-sonatype-com-3567 300 72 REPORT report NN www-sonatype-com-3567 300 73 Influencing Influencing NNP www-sonatype-com-3567 300 74 Productivity Productivity NNP www-sonatype-com-3567 300 75 Outcomes Outcomes NNP www-sonatype-com-3567 300 76 Factors Factors NNPS www-sonatype-com-3567 300 77 which which WDT www-sonatype-com-3567 300 78 influence influence VBP www-sonatype-com-3567 300 79 software software NN www-sonatype-com-3567 300 80 delivery delivery NN www-sonatype-com-3567 300 81 produc- produc- NN www-sonatype-com-3567 300 82 tivity tivity NN www-sonatype-com-3567 300 83 are be VBP www-sonatype-com-3567 300 84 notoriously notoriously RB www-sonatype-com-3567 300 85 elusive elusive JJ www-sonatype-com-3567 300 86 , , , www-sonatype-com-3567 300 87 although although IN www-sonatype-com-3567 300 88 the the DT www-sonatype-com-3567 300 89 State State NNP www-sonatype-com-3567 300 90 of of IN www-sonatype-com-3567 300 91 DevOps DevOps NNP www-sonatype-com-3567 300 92 Report Report NNP www-sonatype-com-3567 300 93 has have VBZ www-sonatype-com-3567 300 94 wonderfully wonderfully RB www-sonatype-com-3567 300 95 illuminated illuminate VBN www-sonatype-com-3567 300 96 its -PRON- PRP$ www-sonatype-com-3567 300 97 link link NN www-sonatype-com-3567 300 98 to to IN www-sonatype-com-3567 300 99 continuous continuous JJ www-sonatype-com-3567 300 100 delivery delivery 
NN www-sonatype-com-3567 300 101 , , , www-sonatype-com-3567 300 102 culture culture NN www-sonatype-com-3567 300 103 , , , www-sonatype-com-3567 300 104 lean lean JJ www-sonatype-com-3567 300 105 product product NN www-sonatype-com-3567 300 106 development development NN www-sonatype-com-3567 300 107 , , , www-sonatype-com-3567 300 108 etc etc FW www-sonatype-com-3567 300 109 . . . www-sonatype-com-3567 301 1 Our -PRON- PRP$ www-sonatype-com-3567 301 2 intent intent NN www-sonatype-com-3567 301 3 was be VBD www-sonatype-com-3567 301 4 to to TO www-sonatype-com-3567 301 5 further further RB www-sonatype-com-3567 301 6 explore explore VB www-sonatype-com-3567 301 7 other other JJ www-sonatype-com-3567 301 8 practices practice NNS www-sonatype-com-3567 301 9 that that WDT www-sonatype-com-3567 301 10 could could MD www-sonatype-com-3567 301 11 improve improve VB www-sonatype-com-3567 301 12 aspects aspect NNS www-sonatype-com-3567 301 13 of of IN www-sonatype-com-3567 301 14 productivity productivity NN www-sonatype-com-3567 301 15 , , , www-sonatype-com-3567 301 16 which which WDT www-sonatype-com-3567 301 17 revealed reveal VBD www-sonatype-com-3567 301 18 some some DT www-sonatype-com-3567 301 19 surprises surprise NNS www-sonatype-com-3567 301 20 . . . 
www-sonatype-com-3567 302 1 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 302 2 PRODUCTIVITY PRODUCTIVITY NNP www-sonatype-com-3567 302 3 OUTCOMES OUTCOMES NNP www-sonatype-com-3567 302 4 : : : www-sonatype-com-3567 302 5 Developer developer NN www-sonatype-com-3567 302 6 Portability Portability NNP www-sonatype-com-3567 302 7 Measured measure VBN www-sonatype-com-3567 302 8 as as IN www-sonatype-com-3567 302 9 the the DT www-sonatype-com-3567 302 10 time time NN www-sonatype-com-3567 302 11 required require VBN www-sonatype-com-3567 302 12 for for IN www-sonatype-com-3567 302 13 developers developer NNS www-sonatype-com-3567 302 14 to to TO www-sonatype-com-3567 302 15 reach reach VB www-sonatype-com-3567 302 16 normal normal JJ www-sonatype-com-3567 302 17 productivity productivity NN www-sonatype-com-3567 302 18 when when WRB www-sonatype-com-3567 302 19 switching switch VBG www-sonatype-com-3567 302 20 teams team NNS www-sonatype-com-3567 302 21 . . . www-sonatype-com-3567 303 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 303 2 RESULT RESULT NNP www-sonatype-com-3567 303 3 ( ( -LRB- www-sonatype-com-3567 303 4 R2 R2 NNP www-sonatype-com-3567 303 5 = = SYM www-sonatype-com-3567 303 6 0.15 0.15 CD www-sonatype-com-3567 303 7 ) ) -RRB- www-sonatype-com-3567 303 8 More more RBR www-sonatype-com-3567 303 9 centralized centralized JJ www-sonatype-com-3567 303 10 and and CC www-sonatype-com-3567 303 11 standardized standardize VBD www-sonatype-com-3567 303 12 DevOps DevOps NNP www-sonatype-com-3567 303 13 automation automation NN www-sonatype-com-3567 303 14 across across IN www-sonatype-com-3567 303 15 teams team NNS www-sonatype-com-3567 303 16 will will MD www-sonatype-com-3567 303 17 allow allow VB www-sonatype-com-3567 303 18 develop- develop- NNP www-sonatype-com-3567 303 19 ers ers NNP www-sonatype-com-3567 303 20 to to TO www-sonatype-com-3567 303 21 become become VB www-sonatype-com-3567 303 22 more more RBR www-sonatype-com-3567 303 23 productive 
productive JJ www-sonatype-com-3567 303 24 more more RBR www-sonatype-com-3567 303 25 quickly quickly RB www-sonatype-com-3567 303 26 when when WRB www-sonatype-com-3567 303 27 switching switch VBG www-sonatype-com-3567 303 28 between between IN www-sonatype-com-3567 303 29 teams team NNS www-sonatype-com-3567 303 30 . . . www-sonatype-com-3567 304 1 VALIDATED VALIDATED NNP www-sonatype-com-3567 304 2 . . . www-sonatype-com-3567 305 1 The the DT www-sonatype-com-3567 305 2 top top JJ www-sonatype-com-3567 305 3 two two CD www-sonatype-com-3567 305 4 factors factor NNS www-sonatype-com-3567 305 5 in in IN www-sonatype-com-3567 305 6 explaining explain VBG www-sonatype-com-3567 305 7 developer developer NN www-sonatype-com-3567 305 8 flexibility flexibility NN www-sonatype-com-3567 305 9 were be VBD www-sonatype-com-3567 305 10 : : : www-sonatype-com-3567 305 11 ⊲ ⊲ NFP www-sonatype-com-3567 305 12 Having have VBG www-sonatype-com-3567 305 13 a a DT www-sonatype-com-3567 305 14 centralized centralized JJ www-sonatype-com-3567 305 15 record record NN www-sonatype-com-3567 305 16 of of IN www-sonatype-com-3567 305 17 applications application NNS www-sonatype-com-3567 305 18 , , , www-sonatype-com-3567 305 19 their -PRON- PRP$ www-sonatype-com-3567 305 20 dependencies dependency NNS www-sonatype-com-3567 305 21 , , , www-sonatype-com-3567 305 22 and and CC www-sonatype-com-3567 305 23 the the DT www-sonatype-com-3567 305 24 associated associated JJ www-sonatype-com-3567 305 25 development development NN www-sonatype-com-3567 305 26 teams team NNS www-sonatype-com-3567 305 27 ⊲ ⊲ NFP www-sonatype-com-3567 305 28 Having have VBG www-sonatype-com-3567 305 29 automated automate VBN www-sonatype-com-3567 305 30 deployments deployment NNS www-sonatype-com-3567 305 31 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 305 32 PRODUCTIVITY PRODUCTIVITY NNP www-sonatype-com-3567 305 33 OUTCOMES outcomes RB www-sonatype-com-3567 305 34 : : : www-sonatype-com-3567 305 35 OSS OSS NNP 
www-sonatype-com-3567 305 36 Component Component NNP www-sonatype-com-3567 305 37 Approval Approval NNP www-sonatype-com-3567 305 38 Times Times NNP www-sonatype-com-3567 305 39 Measured measure VBN www-sonatype-com-3567 305 40 as as IN www-sonatype-com-3567 305 41 the the DT www-sonatype-com-3567 305 42 time time NN www-sonatype-com-3567 305 43 it -PRON- PRP www-sonatype-com-3567 305 44 takes take VBZ www-sonatype-com-3567 305 45 for for IN www-sonatype-com-3567 305 46 developers developer NNS www-sonatype-com-3567 305 47 to to TO www-sonatype-com-3567 305 48 get get VB www-sonatype-com-3567 305 49 a a DT www-sonatype-com-3567 305 50 new new JJ www-sonatype-com-3567 305 51 OSS OSS NNP www-sonatype-com-3567 305 52 library library NN www-sonatype-com-3567 305 53 approved approve VBN www-sonatype-com-3567 305 54 for for IN www-sonatype-com-3567 305 55 use use NN www-sonatype-com-3567 305 56 . . . www-sonatype-com-3567 306 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 306 2 RESULT RESULT NNP www-sonatype-com-3567 306 3 ( ( -LRB- www-sonatype-com-3567 306 4 R2 R2 NNP www-sonatype-com-3567 306 5 = = SYM www-sonatype-com-3567 306 6 0.16 0.16 CD www-sonatype-com-3567 306 7 ) ) -RRB- www-sonatype-com-3567 306 8 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 306 9 Automation automation NN www-sonatype-com-3567 306 10 of of IN www-sonatype-com-3567 306 11 governance governance NN www-sonatype-com-3567 306 12 workflows workflow NNS www-sonatype-com-3567 306 13 and and CC www-sonatype-com-3567 306 14 monitoring monitoring NN www-sonatype-com-3567 306 15 would would MD www-sonatype-com-3567 306 16 be be VB www-sonatype-com-3567 306 17 a a DT www-sonatype-com-3567 306 18 primary primary JJ www-sonatype-com-3567 306 19 factor factor NN www-sonatype-com-3567 306 20 in in IN www-sonatype-com-3567 306 21 decreasing decrease VBG www-sonatype-com-3567 306 22 OSS OSS NNP www-sonatype-com-3567 306 23 approval approval NN www-sonatype-com-3567 306 24 times time NNS 
www-sonatype-com-3567 306 25 . . . www-sonatype-com-3567 307 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 307 2 . . . www-sonatype-com-3567 308 1 * * NFP www-sonatype-com-3567 308 2 The the DT www-sonatype-com-3567 308 3 fastest fast JJS www-sonatype-com-3567 308 4 approval approval NN www-sonatype-com-3567 308 5 times time NNS www-sonatype-com-3567 308 6 were be VBD www-sonatype-com-3567 308 7 measured measure VBN www-sonatype-com-3567 308 8 in in IN www-sonatype-com-3567 308 9 the the DT www-sonatype-com-3567 308 10 Productivity Productivity NNP www-sonatype-com-3567 308 11 First First NNP www-sonatype-com-3567 308 12 group group NN www-sonatype-com-3567 308 13 , , , www-sonatype-com-3567 308 14 where where WRB www-sonatype-com-3567 308 15 72 72 CD www-sonatype-com-3567 308 16 % % NN www-sonatype-com-3567 308 17 reported report VBD www-sonatype-com-3567 308 18 “ " `` www-sonatype-com-3567 308 19 no no DT www-sonatype-com-3567 308 20 approval approval NN www-sonatype-com-3567 308 21 necessary necessary JJ www-sonatype-com-3567 308 22 . . . www-sonatype-com-3567 308 23 ” " '' www-sonatype-com-3567 308 24 Of of IN www-sonatype-com-3567 308 25 those those DT www-sonatype-com-3567 308 26 who who WP www-sonatype-com-3567 308 27 had have VBD www-sonatype-com-3567 308 28 an an DT www-sonatype-com-3567 308 29 approval approval NN www-sonatype-com-3567 308 30 process process NN www-sonatype-com-3567 308 31 , , , www-sonatype-com-3567 308 32 the the DT www-sonatype-com-3567 308 33 median median JJ www-sonatype-com-3567 308 34 approval approval NN www-sonatype-com-3567 308 35 time time NN www-sonatype-com-3567 308 36 was be VBD www-sonatype-com-3567 308 37 “ " `` www-sonatype-com-3567 308 38 less less JJR www-sonatype-com-3567 308 39 than than IN www-sonatype-com-3567 308 40 1 1 CD www-sonatype-com-3567 308 41 day day NN www-sonatype-com-3567 308 42 . . . 
www-sonatype-com-3567 308 43 ” " '' www-sonatype-com-3567 308 44 * * NFP www-sonatype-com-3567 308 45 While while IN www-sonatype-com-3567 308 46 approvals approval NNS www-sonatype-com-3567 308 47 were be VBD www-sonatype-com-3567 308 48 fast fast JJ www-sonatype-com-3567 308 49 , , , www-sonatype-com-3567 308 50 their -PRON- PRP$ www-sonatype-com-3567 308 51 process process NN www-sonatype-com-3567 308 52 lacked lack VBD www-sonatype-com-3567 308 53 effectiveness effectiveness NN www-sonatype-com-3567 308 54 , , , www-sonatype-com-3567 308 55 as as IN www-sonatype-com-3567 308 56 demonstrated demonstrate VBN www-sonatype-com-3567 308 57 by by IN www-sonatype-com-3567 308 58 the the DT www-sonatype-com-3567 308 59 cluster cluster NN www-sonatype-com-3567 308 60 ’s ’s POS www-sonatype-com-3567 308 61 poor poor JJ www-sonatype-com-3567 308 62 risk risk NN www-sonatype-com-3567 308 63 management management NN www-sonatype-com-3567 308 64 outcomes outcome NNS www-sonatype-com-3567 308 65 ( ( -LRB- www-sonatype-com-3567 308 66 SEE see UH www-sonatype-com-3567 308 67 FIGURE FIGURE NNP www-sonatype-com-3567 308 68 4B 4b NN www-sonatype-com-3567 308 69 ) ) -RRB- www-sonatype-com-3567 308 70 By by IN www-sonatype-com-3567 308 71 comparison comparison NN www-sonatype-com-3567 308 72 , , , www-sonatype-com-3567 308 73 the the DT www-sonatype-com-3567 308 74 High High NNP www-sonatype-com-3567 308 75 Performers Performers NNP www-sonatype-com-3567 308 76 cluster cluster NN www-sonatype-com-3567 308 77 had have VBD www-sonatype-com-3567 308 78 the the DT www-sonatype-com-3567 308 79 second second RB www-sonatype-com-3567 308 80 - - HYPH www-sonatype-com-3567 308 81 fastest fast JJS www-sonatype-com-3567 308 82 approval approval NN www-sonatype-com-3567 308 83 times time NNS www-sonatype-com-3567 308 84 overall overall RB www-sonatype-com-3567 308 85 , , , www-sonatype-com-3567 308 86 with with IN www-sonatype-com-3567 308 87 a a DT www-sonatype-com-3567 308 88 median median JJ 
www-sonatype-com-3567 308 89 approval approval NN www-sonatype-com-3567 308 90 time time NN www-sonatype-com-3567 308 91 of of IN www-sonatype-com-3567 308 92 “ " `` www-sonatype-com-3567 308 93 between between IN www-sonatype-com-3567 308 94 1 1 CD www-sonatype-com-3567 308 95 day day NN www-sonatype-com-3567 308 96 and and CC www-sonatype-com-3567 308 97 1 1 CD www-sonatype-com-3567 308 98 week week NN www-sonatype-com-3567 308 99 . . . www-sonatype-com-3567 308 100 ” " '' www-sonatype-com-3567 308 101 This this DT www-sonatype-com-3567 308 102 demonstrates demonstrate VBZ www-sonatype-com-3567 308 103 that that IN www-sonatype-com-3567 308 104 you -PRON- PRP www-sonatype-com-3567 308 105 can can MD www-sonatype-com-3567 308 106 have have VB www-sonatype-com-3567 308 107 great great JJ www-sonatype-com-3567 308 108 security security NN www-sonatype-com-3567 308 109 outcomes outcome NNS www-sonatype-com-3567 308 110 using use VBG www-sonatype-com-3567 308 111 automated automate VBN www-sonatype-com-3567 308 112 governance governance NN www-sonatype-com-3567 308 113 while while IN www-sonatype-com-3567 308 114 maintaining maintain VBG www-sonatype-com-3567 308 115 high high JJ www-sonatype-com-3567 308 116 productivity productivity NN www-sonatype-com-3567 308 117 . . . 
www-sonatype-com-3567 309 1 When when WRB www-sonatype-com-3567 309 2 we -PRON- PRP www-sonatype-com-3567 309 3 exclude exclude VBP www-sonatype-com-3567 309 4 all all DT www-sonatype-com-3567 309 5 “ " `` www-sonatype-com-3567 309 6 no no DT www-sonatype-com-3567 309 7 OSS oss NN www-sonatype-com-3567 309 8 approval approval NN www-sonatype-com-3567 309 9 necessary necessary JJ www-sonatype-com-3567 309 10 ” " '' www-sonatype-com-3567 309 11 respondents respondent NNS www-sonatype-com-3567 309 12 , , , www-sonatype-com-3567 309 13 the the DT www-sonatype-com-3567 309 14 top top JJ www-sonatype-com-3567 309 15 factors factor NNS www-sonatype-com-3567 309 16 associated associate VBN www-sonatype-com-3567 309 17 with with IN www-sonatype-com-3567 309 18 shorter short JJR www-sonatype-com-3567 309 19 approval approval NN www-sonatype-com-3567 309 20 times time NNS www-sonatype-com-3567 309 21 are be VBP www-sonatype-com-3567 309 22 “ " `` www-sonatype-com-3567 309 23 OSS OSS NNP www-sonatype-com-3567 309 24 Enlightenment Enlightenment NNP www-sonatype-com-3567 309 25 ” " '' www-sonatype-com-3567 309 26 , , , www-sonatype-com-3567 309 27 prioritizing prioritize VBG www-sonatype-com-3567 309 28 commercial commercial NN www-sonatype-com-3567 309 29 or or CC www-sonatype-com-3567 309 30 foundation foundation NN www-sonatype-com-3567 309 31 support support NN www-sonatype-com-3567 309 32 for for IN www-sonatype-com-3567 309 33 dependencies dependency NNS www-sonatype-com-3567 309 34 , , , www-sonatype-com-3567 309 35 and and CC www-sonatype-com-3567 309 36 centralizing centralize VBG www-sonatype-com-3567 309 37 scanning scanning NN www-sonatype-com-3567 309 38 for for IN www-sonatype-com-3567 309 39 OSS oss NN www-sonatype-com-3567 309 40 dependencies dependency NNS www-sonatype-com-3567 309 41 ⊲ ⊲ NFP www-sonatype-com-3567 309 42 It -PRON- PRP www-sonatype-com-3567 309 43 ’s ’ VBZ www-sonatype-com-3567 309 44 surprising surprising JJ www-sonatype-com-3567 309 45 to to TO 
www-sonatype-com-3567 309 46 see see VB www-sonatype-com-3567 309 47 OSS OSS NNP www-sonatype-com-3567 309 48 Enlightenment Enlightenment NNP www-sonatype-com-3567 309 49 here here RB www-sonatype-com-3567 309 50 , , , www-sonatype-com-3567 309 51 but but CC www-sonatype-com-3567 309 52 we -PRON- PRP www-sonatype-com-3567 309 53 suspect suspect VBP www-sonatype-com-3567 309 54 it -PRON- PRP www-sonatype-com-3567 309 55 ’s ’ VBZ www-sonatype-com-3567 309 56 because because IN www-sonatype-com-3567 309 57 having have VBG www-sonatype-com-3567 309 58 familiarity familiarity NN www-sonatype-com-3567 309 59 with with IN www-sonatype-com-3567 309 60 the the DT www-sonatype-com-3567 309 61 open open JJ www-sonatype-com-3567 309 62 source source NN www-sonatype-com-3567 309 63 community community NN www-sonatype-com-3567 309 64 leads lead VBZ www-sonatype-com-3567 309 65 to to IN www-sonatype-com-3567 309 66 faster fast JJR www-sonatype-com-3567 309 67 research research NN www-sonatype-com-3567 309 68 and and CC www-sonatype-com-3567 309 69 decision decision NN www-sonatype-com-3567 309 70 making making NN www-sonatype-com-3567 309 71 . . . 
www-sonatype-com-3567 310 1 ⊲ ⊲ NFP www-sonatype-com-3567 310 2 Prioritizing prioritize VBG www-sonatype-com-3567 310 3 the the DT www-sonatype-com-3567 310 4 identification identification NN www-sonatype-com-3567 310 5 of of IN www-sonatype-com-3567 310 6 commercial commercial JJ www-sonatype-com-3567 310 7 or or CC www-sonatype-com-3567 310 8 foundation foundation NN www-sonatype-com-3567 310 9 support support NN www-sonatype-com-3567 310 10 for for IN www-sonatype-com-3567 310 11 dependencies dependency NNS www-sonatype-com-3567 310 12 is be VBZ www-sonatype-com-3567 310 13 associated associate VBN www-sonatype-com-3567 310 14 with with IN www-sonatype-com-3567 310 15 slower slow JJR www-sonatype-com-3567 310 16 approval approval NN www-sonatype-com-3567 310 17 times time NNS www-sonatype-com-3567 310 18 , , , www-sonatype-com-3567 310 19 indicating indicate VBG www-sonatype-com-3567 310 20 that that IN www-sonatype-com-3567 310 21 this this DT www-sonatype-com-3567 310 22 takes take VBZ www-sonatype-com-3567 310 23 time time NN www-sonatype-com-3567 310 24 to to TO www-sonatype-com-3567 310 25 assess assess VB www-sonatype-com-3567 310 26 and and CC www-sonatype-com-3567 310 27 research research VB www-sonatype-com-3567 310 28 . . . 
www-sonatype-com-3567 311 1 ⊲ ⊲ NFP www-sonatype-com-3567 311 2 Having have VBG www-sonatype-com-3567 311 3 automated automate VBN www-sonatype-com-3567 311 4 , , , www-sonatype-com-3567 311 5 centralized centralized JJ www-sonatype-com-3567 311 6 scanning scanning NN www-sonatype-com-3567 311 7 of of IN www-sonatype-com-3567 311 8 OSS OSS NNP www-sonatype-com-3567 311 9 dependencies dependency NNS www-sonatype-com-3567 311 10 accelerates accelerate VBZ www-sonatype-com-3567 311 11 approval approval NN www-sonatype-com-3567 311 12 times time NNS www-sonatype-com-3567 311 13 , , , www-sonatype-com-3567 311 14 as as RB www-sonatype-com-3567 311 15 well well RB www-sonatype-com-3567 311 16 as as IN www-sonatype-com-3567 311 17 detection detection NN www-sonatype-com-3567 311 18 and and CC www-sonatype-com-3567 311 19 remediation remediation NN www-sonatype-com-3567 311 20 responses response NNS www-sonatype-com-3567 311 21 enabled enable VBD www-sonatype-com-3567 311 22 through through IN www-sonatype-com-3567 311 23 SBOMs SBOMs NNPS www-sonatype-com-3567 311 24 . . . 
www-sonatype-com-3567 312 1 INFLUENCING INFLUENCING NNP www-sonatype-com-3567 312 2 PRODUCTIVITY PRODUCTIVITY NNP www-sonatype-com-3567 312 3 OUTCOMES outcomes RB www-sonatype-com-3567 312 4 : : : www-sonatype-com-3567 312 5 Internal internal JJ www-sonatype-com-3567 312 6 Forks fork NNS www-sonatype-com-3567 312 7 Measured measure VBN www-sonatype-com-3567 312 8 as as IN www-sonatype-com-3567 312 9 how how WRB www-sonatype-com-3567 312 10 common common JJ www-sonatype-com-3567 312 11 it -PRON- PRP www-sonatype-com-3567 312 12 is be VBZ www-sonatype-com-3567 312 13 for for IN www-sonatype-com-3567 312 14 internally internally RB www-sonatype-com-3567 312 15 modified modify VBN www-sonatype-com-3567 312 16 versions version NNS www-sonatype-com-3567 312 17 of of IN www-sonatype-com-3567 312 18 open open JJ www-sonatype-com-3567 312 19 source source NN www-sonatype-com-3567 312 20 projects project NNS www-sonatype-com-3567 312 21 to to TO www-sonatype-com-3567 312 22 be be VB www-sonatype-com-3567 312 23 maintained maintain VBN www-sonatype-com-3567 312 24 . . . 
www-sonatype-com-3567 313 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 313 2 RESULT RESULT NNP www-sonatype-com-3567 313 3 ( ( -LRB- www-sonatype-com-3567 313 4 R2 R2 NNP www-sonatype-com-3567 313 5 = = SYM www-sonatype-com-3567 313 6 0.16 0.16 CD www-sonatype-com-3567 313 7 ) ) -RRB- www-sonatype-com-3567 313 8 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 313 9 Organizations Organizations NNP www-sonatype-com-3567 313 10 that that WDT www-sonatype-com-3567 313 11 take take VBP www-sonatype-com-3567 313 12 a a DT www-sonatype-com-3567 313 13 more more RBR www-sonatype-com-3567 313 14 active active JJ www-sonatype-com-3567 313 15 role role NN www-sonatype-com-3567 313 16 in in IN www-sonatype-com-3567 313 17 open open JJ www-sonatype-com-3567 313 18 source source NN www-sonatype-com-3567 313 19 development development NN www-sonatype-com-3567 313 20 will will MD www-sonatype-com-3567 313 21 maintain maintain VB www-sonatype-com-3567 313 22 fewer few JJR www-sonatype-com-3567 313 23 internal internal JJ www-sonatype-com-3567 313 24 forks fork NNS www-sonatype-com-3567 313 25 of of IN www-sonatype-com-3567 313 26 open open JJ www-sonatype-com-3567 313 27 source source NN www-sonatype-com-3567 313 28 projects project NNS www-sonatype-com-3567 313 29 . . . www-sonatype-com-3567 314 1 NOT not RB www-sonatype-com-3567 314 2 SUPPORTED support VBN www-sonatype-com-3567 314 3 . . . 
www-sonatype-com-3567 315 1 ⊲ ⊲ NFP www-sonatype-com-3567 315 2 We -PRON- PRP www-sonatype-com-3567 315 3 found find VBD www-sonatype-com-3567 315 4 that that IN www-sonatype-com-3567 315 5 High High NNP www-sonatype-com-3567 315 6 Performers Performers NNPS www-sonatype-com-3567 315 7 were be VBD www-sonatype-com-3567 315 8 more more RBR www-sonatype-com-3567 315 9 likely likely JJ www-sonatype-com-3567 315 10 to to TO www-sonatype-com-3567 315 11 maintain maintain VB www-sonatype-com-3567 315 12 internal internal JJ www-sonatype-com-3567 315 13 forks fork NNS www-sonatype-com-3567 315 14 of of IN www-sonatype-com-3567 315 15 open open JJ www-sonatype-com-3567 315 16 source source NN www-sonatype-com-3567 315 17 projects project NNS www-sonatype-com-3567 315 18 . . . www-sonatype-com-3567 316 1 Upon upon IN www-sonatype-com-3567 316 2 reflec- reflec- JJ www-sonatype-com-3567 316 3 tion tion NN www-sonatype-com-3567 316 4 , , , www-sonatype-com-3567 316 5 we -PRON- PRP www-sonatype-com-3567 316 6 believe believe VBP www-sonatype-com-3567 316 7 this this DT www-sonatype-com-3567 316 8 is be VBZ www-sonatype-com-3567 316 9 because because IN www-sonatype-com-3567 316 10 internal internal JJ www-sonatype-com-3567 316 11 versions version NNS www-sonatype-com-3567 316 12 are be VBP www-sonatype-com-3567 316 13 required require VBN www-sonatype-com-3567 316 14 to to TO www-sonatype-com-3567 316 15 make make VB www-sonatype-com-3567 316 16 changes change NNS www-sonatype-com-3567 316 17 and and CC www-sonatype-com-3567 316 18 develop develop VB www-sonatype-com-3567 316 19 new new JJ www-sonatype-com-3567 316 20 features feature NNS www-sonatype-com-3567 316 21 , , , www-sonatype-com-3567 316 22 even even RB www-sonatype-com-3567 316 23 when when WRB www-sonatype-com-3567 316 24 these these DT www-sonatype-com-3567 316 25 are be VBP www-sonatype-com-3567 316 26 being be VBG www-sonatype-com-3567 316 27 regularly regularly RB www-sonatype-com-3567 316 28 contributed 
contribute VBN www-sonatype-com-3567 316 29 back back RB www-sonatype-com-3567 316 30 . . . www-sonatype-com-3567 317 1 In in IN www-sonatype-com-3567 317 2 a a DT www-sonatype-com-3567 317 3 future future JJ www-sonatype-com-3567 317 4 survey survey NN www-sonatype-com-3567 317 5 , , , www-sonatype-com-3567 317 6 we -PRON- PRP www-sonatype-com-3567 317 7 will will MD www-sonatype-com-3567 317 8 ask ask VB www-sonatype-com-3567 317 9 about about IN www-sonatype-com-3567 317 10 long long RB www-sonatype-com-3567 317 11 - - HYPH www-sonatype-com-3567 317 12 lived live VBN www-sonatype-com-3567 317 13 internal internal JJ www-sonatype-com-3567 317 14 forks fork NNS www-sonatype-com-3567 317 15 that that WDT www-sonatype-com-3567 317 16 diverge diverge VBP www-sonatype-com-3567 317 17 from from IN www-sonatype-com-3567 317 18 the the DT www-sonatype-com-3567 317 19 original original JJ www-sonatype-com-3567 317 20 repository repository NN www-sonatype-com-3567 317 21 in in IN www-sonatype-com-3567 317 22 order order NN www-sonatype-com-3567 317 23 to to TO www-sonatype-com-3567 317 24 better well RBR www-sonatype-com-3567 317 25 capture capture VB www-sonatype-com-3567 317 26 the the DT www-sonatype-com-3567 317 27 distinction distinction NN www-sonatype-com-3567 317 28 between between IN www-sonatype-com-3567 317 29 forking fork VBG www-sonatype-com-3567 317 30 to to TO www-sonatype-com-3567 317 31 contribute contribute VB www-sonatype-com-3567 317 32 back back RB www-sonatype-com-3567 317 33 ( ( -LRB- www-sonatype-com-3567 317 34 generally generally RB www-sonatype-com-3567 317 35 good good JJ www-sonatype-com-3567 317 36 ) ) -RRB- www-sonatype-com-3567 317 37 and and CC www-sonatype-com-3567 317 38 forking fork VBG www-sonatype-com-3567 317 39 to to TO www-sonatype-com-3567 317 40 avoid avoid VB www-sonatype-com-3567 317 41 keeping keep VBG www-sonatype-com-3567 317 42 up up RB www-sonatype-com-3567 317 43 - - HYPH www-sonatype-com-3567 317 44 to to IN 
www-sonatype-com-3567 317 45 - - HYPH www-sonatype-com-3567 317 46 date date NN www-sonatype-com-3567 317 47 ( ( -LRB- www-sonatype-com-3567 317 48 generally generally RB www-sonatype-com-3567 317 49 bad bad JJ www-sonatype-com-3567 317 50 ) ) -RRB- www-sonatype-com-3567 317 51 . . . www-sonatype-com-3567 318 1 C c NN www-sonatype-com-3567 318 2 H h NN www-sonatype-com-3567 318 3 A a NN www-sonatype-com-3567 318 4 P p NN www-sonatype-com-3567 318 5 T t NN www-sonatype-com-3567 318 6 E e NN www-sonatype-com-3567 318 7 R r NN www-sonatype-com-3567 318 8 4 4 CD www-sonatype-com-3567 318 9 : : : www-sonatype-com-3567 318 10 H h NN www-sonatype-com-3567 318 11 O o NN www-sonatype-com-3567 318 12 W w NN www-sonatype-com-3567 318 13 H h NN www-sonatype-com-3567 318 14 IG ig NN www-sonatype-com-3567 318 15 H h NN www-sonatype-com-3567 318 16 P p NN www-sonatype-com-3567 318 17 E e NN www-sonatype-com-3567 318 18 R r NN www-sonatype-com-3567 318 19 F f NN www-sonatype-com-3567 318 20 O o NN www-sonatype-com-3567 318 21 R r NN www-sonatype-com-3567 318 22 M m NN www-sonatype-com-3567 318 23 A A NNP www-sonatype-com-3567 318 24 N n NN www-sonatype-com-3567 318 25 C c NN www-sonatype-com-3567 318 26 E e NN www-sonatype-com-3567 318 27 T t NN www-sonatype-com-3567 318 28 E e NN www-sonatype-com-3567 318 29 A a NN www-sonatype-com-3567 318 30 M m NN www-sonatype-com-3567 318 31 S s NN www-sonatype-com-3567 318 32 M M NNP www-sonatype-com-3567 318 33 A A NNP www-sonatype-com-3567 318 34 N N NNP www-sonatype-com-3567 318 35 A a NN www-sonatype-com-3567 318 36 G g NN www-sonatype-com-3567 318 37 E e NN www-sonatype-com-3567 318 38 O o NN www-sonatype-com-3567 318 39 P p NN www-sonatype-com-3567 318 40 E e NN www-sonatype-com-3567 318 41 N n NN www-sonatype-com-3567 318 42 S s NN www-sonatype-com-3567 318 43 O o NN www-sonatype-com-3567 318 44 U u NN www-sonatype-com-3567 318 45 R r NN www-sonatype-com-3567 318 46 C c NN www-sonatype-com-3567 318 47 E e NN www-sonatype-com-3567 318 
48 S s NN www-sonatype-com-3567 318 49 O o NN www-sonatype-com-3567 318 50 F f NN www-sonatype-com-3567 318 51 T t NN www-sonatype-com-3567 318 52 W w NN www-sonatype-com-3567 318 53 A a NN www-sonatype-com-3567 318 54 R r NN www-sonatype-com-3567 318 55 E e NN www-sonatype-com-3567 318 56 S s NN www-sonatype-com-3567 318 57 U u NN www-sonatype-com-3567 318 58 P p NN www-sonatype-com-3567 318 59 P p NN www-sonatype-com-3567 318 60 LY ly NN www-sonatype-com-3567 318 61 C c NN www-sonatype-com-3567 318 62 H h NN www-sonatype-com-3567 318 63 A a NN www-sonatype-com-3567 318 64 IN in NN www-sonatype-com-3567 318 65 262020 262020 CD www-sonatype-com-3567 318 66 STATE STATE NNP www-sonatype-com-3567 318 67 OF of IN www-sonatype-com-3567 318 68 THE the DT www-sonatype-com-3567 318 69 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 318 70 SUPPLY supply NN www-sonatype-com-3567 318 71 CHAIN chain NN www-sonatype-com-3567 318 72 REPORT REPORT VBZ www-sonatype-com-3567 318 73 INFLUENCING influencing NN www-sonatype-com-3567 318 74 JOB job NN www-sonatype-com-3567 318 75 SATISFACTION satisfaction NN www-sonatype-com-3567 318 76 : : : www-sonatype-com-3567 318 77 Work work NN www-sonatype-com-3567 318 78 Attitudes Attitudes NNPS www-sonatype-com-3567 318 79 and and CC www-sonatype-com-3567 318 80 Motivation Motivation NNP www-sonatype-com-3567 318 81 Measured measure VBD www-sonatype-com-3567 318 82 various various JJ www-sonatype-com-3567 318 83 aspects aspect NNS www-sonatype-com-3567 318 84 of of IN www-sonatype-com-3567 318 85 work work NN www-sonatype-com-3567 318 86 including include VBG www-sonatype-com-3567 318 87 organizational organizational JJ www-sonatype-com-3567 318 88 support support NN www-sonatype-com-3567 318 89 , , , www-sonatype-com-3567 318 90 level level NN www-sonatype-com-3567 318 91 of of IN www-sonatype-com-3567 318 92 fit fit NN www-sonatype-com-3567 318 93 between between IN www-sonatype-com-3567 318 94 skills skill NNS www-sonatype-com-3567 318 95 and 
and CC www-sonatype-com-3567 318 96 tasks task NNS www-sonatype-com-3567 318 97 , , , www-sonatype-com-3567 318 98 and and CC www-sonatype-com-3567 318 99 ability ability NN www-sonatype-com-3567 318 100 to to TO www-sonatype-com-3567 318 101 complete complete VB www-sonatype-com-3567 318 102 work work NN www-sonatype-com-3567 318 103 . . . www-sonatype-com-3567 319 1 HYPOTHESIS HYPOTHESIS NNP www-sonatype-com-3567 319 2 RESULT RESULT NNP www-sonatype-com-3567 319 3 ( ( -LRB- www-sonatype-com-3567 319 4 R2 R2 NNP www-sonatype-com-3567 319 5 = = SYM www-sonatype-com-3567 319 6 0.27 0.27 CD www-sonatype-com-3567 319 7 ) ) -RRB- www-sonatype-com-3567 319 8 DISCUSSION DISCUSSION NNP www-sonatype-com-3567 319 9 High High NNP www-sonatype-com-3567 319 10 Performers Performers NNP www-sonatype-com-3567 319 11 would would MD www-sonatype-com-3567 319 12 not not RB www-sonatype-com-3567 319 13 only only RB www-sonatype-com-3567 319 14 have have VB www-sonatype-com-3567 319 15 better well JJR www-sonatype-com-3567 319 16 security security NN www-sonatype-com-3567 319 17 and and CC www-sonatype-com-3567 319 18 higher high JJR www-sonatype-com-3567 319 19 productivity productivity NN www-sonatype-com-3567 319 20 , , , www-sonatype-com-3567 319 21 but but CC www-sonatype-com-3567 319 22 also also RB www-sonatype-com-3567 319 23 higher high JJR www-sonatype-com-3567 319 24 job job NN www-sonatype-com-3567 319 25 satisfaction satisfaction NN www-sonatype-com-3567 319 26 ; ; : www-sonatype-com-3567 319 27 we -PRON- PRP www-sonatype-com-3567 319 28 did do VBD www-sonatype-com-3567 319 29 n’t not RB www-sonatype-com-3567 319 30 hypothesize hypothesize VB www-sonatype-com-3567 319 31 about about IN www-sonatype-com-3567 319 32 any any DT www-sonatype-com-3567 319 33 specific specific JJ www-sonatype-com-3567 319 34 factors factor NNS www-sonatype-com-3567 319 35 , , , www-sonatype-com-3567 319 36 but but CC www-sonatype-com-3567 319 37 we -PRON- PRP www-sonatype-com-3567 319 38 were 
be VBD www-sonatype-com-3567 319 39 curious curious JJ www-sonatype-com-3567 319 40 about about IN www-sonatype-com-3567 319 41 what what WP www-sonatype-com-3567 319 42 factors factor NNS www-sonatype-com-3567 319 43 were be VBD www-sonatype-com-3567 319 44 associated associate VBN www-sonatype-com-3567 319 45 with with IN www-sonatype-com-3567 319 46 high high JJ www-sonatype-com-3567 319 47 job job NN www-sonatype-com-3567 319 48 satisfaction satisfaction NN www-sonatype-com-3567 319 49 . . . www-sonatype-com-3567 320 1 CONFIRMED CONFIRMED NNP www-sonatype-com-3567 320 2 . . . www-sonatype-com-3567 321 1 ⊲ ⊲ NFP www-sonatype-com-3567 321 2 We -PRON- PRP www-sonatype-com-3567 321 3 found find VBD www-sonatype-com-3567 321 4 a a DT www-sonatype-com-3567 321 5 surprisingly surprisingly RB www-sonatype-com-3567 321 6 high high JJ www-sonatype-com-3567 321 7 correlation correlation NN www-sonatype-com-3567 321 8 approaching approach VBG www-sonatype-com-3567 321 9 the the DT www-sonatype-com-3567 321 10 levels level NNS www-sonatype-com-3567 321 11 we -PRON- PRP www-sonatype-com-3567 321 12 saw see VBD www-sonatype-com-3567 321 13 with with IN www-sonatype-com-3567 321 14 security security NN www-sonatype-com-3567 321 15 - - HYPH www-sonatype-com-3567 321 16 related relate VBN www-sonatype-com-3567 321 17 outcomes outcome NNS www-sonatype-com-3567 321 18 . . . 
www-sonatype-com-3567 322 1 The the DT www-sonatype-com-3567 322 2 top top JJ www-sonatype-com-3567 322 3 factors factor NNS www-sonatype-com-3567 322 4 were be VBD www-sonatype-com-3567 322 5 : : : www-sonatype-com-3567 322 6 ɡ ɡ LS www-sonatype-com-3567 322 7 How how WRB www-sonatype-com-3567 322 8 well well RB www-sonatype-com-3567 322 9 an an DT www-sonatype-com-3567 322 10 open open JJ www-sonatype-com-3567 322 11 source source NN www-sonatype-com-3567 322 12 risk risk NN www-sonatype-com-3567 322 13 management management NN www-sonatype-com-3567 322 14 initiative initiative NN www-sonatype-com-3567 322 15 was be VBD www-sonatype-com-3567 322 16 resourced resource VBN www-sonatype-com-3567 322 17 and and CC www-sonatype-com-3567 322 18 supported support VBN www-sonatype-com-3567 322 19 ɡ ɡ NN www-sonatype-com-3567 322 20 When when WRB www-sonatype-com-3567 322 21 test test NN www-sonatype-com-3567 322 22 suites suite NNS www-sonatype-com-3567 322 23 were be VBD www-sonatype-com-3567 322 24 used use VBN www-sonatype-com-3567 322 25 — — : www-sonatype-com-3567 322 26 and and CC www-sonatype-com-3567 322 27 tests test NNS www-sonatype-com-3567 322 28 passed pass VBD www-sonatype-com-3567 322 29 — — : www-sonatype-com-3567 322 30 there there EX www-sonatype-com-3567 322 31 was be VBD www-sonatype-com-3567 322 32 higher high JJR www-sonatype-com-3567 322 33 confidence confidence NN www-sonatype-com-3567 322 34 that that IN www-sonatype-com-3567 322 35 the the DT www-sonatype-com-3567 322 36 application application NN www-sonatype-com-3567 322 37 would would MD www-sonatype-com-3567 322 38 operate operate VB www-sonatype-com-3567 322 39 as as IN www-sonatype-com-3567 322 40 intended intend VBN www-sonatype-com-3567 322 41 in in IN www-sonatype-com-3567 322 42 production production NN www-sonatype-com-3567 322 43 . . . 
www-sonatype-com-3567 323 1 ɡ ɡ LS www-sonatype-com-3567 323 2 Where where WRB www-sonatype-com-3567 323 3 application application NN www-sonatype-com-3567 323 4 deployments deployment NNS www-sonatype-com-3567 323 5 ( ( -LRB- www-sonatype-com-3567 323 6 including include VBG www-sonatype-com-3567 323 7 configurations configuration NNS www-sonatype-com-3567 323 8 ) ) -RRB- www-sonatype-com-3567 323 9 were be VBD www-sonatype-com-3567 323 10 fully fully RB www-sonatype-com-3567 323 11 automated automate VBN www-sonatype-com-3567 323 12 ɡ ɡ NN www-sonatype-com-3567 323 13 Where where WRB www-sonatype-com-3567 323 14 agile agile JJ www-sonatype-com-3567 323 15 or or CC www-sonatype-com-3567 323 16 DevOps DevOps NNP www-sonatype-com-3567 323 17 development development NN www-sonatype-com-3567 323 18 practices practice NNS www-sonatype-com-3567 323 19 were be VBD www-sonatype-com-3567 323 20 in in IN www-sonatype-com-3567 323 21 place place NN www-sonatype-com-3567 323 22 ɡ ɡ NNP www-sonatype-com-3567 323 23 When when WRB www-sonatype-com-3567 323 24 OSS OSS NNP www-sonatype-com-3567 323 25 Enlightenment Enlightenment NNP www-sonatype-com-3567 323 26 ( ( -LRB- www-sonatype-com-3567 323 27 defined define VBN www-sonatype-com-3567 323 28 above above RB www-sonatype-com-3567 323 29 ) ) -RRB- www-sonatype-com-3567 323 30 was be VBD www-sonatype-com-3567 323 31 present present JJ www-sonatype-com-3567 323 32 Influencing Influencing NNP www-sonatype-com-3567 323 33 Job Job NNP www-sonatype-com-3567 323 34 Satisfaction Satisfaction NNP www-sonatype-com-3567 323 35 This this DT www-sonatype-com-3567 323 36 year year NN www-sonatype-com-3567 323 37 ’s ’s POS www-sonatype-com-3567 323 38 survey survey NN www-sonatype-com-3567 323 39 measured measure VBD www-sonatype-com-3567 323 40 job job NN www-sonatype-com-3567 323 41 satisfaction satisfaction NN www-sonatype-com-3567 323 42 by by IN www-sonatype-com-3567 323 43 five five CD www-sonatype-com-3567 323 44 questions question NNS 
www-sonatype-com-3567 323 45 about about IN www-sonatype-com-3567 323 46 various various JJ www-sonatype-com-3567 323 47 aspects aspect NNS www-sonatype-com-3567 323 48 of of IN www-sonatype-com-3567 323 49 work work NN www-sonatype-com-3567 323 50 including include VBG www-sonatype-com-3567 323 51 organizational organizational JJ www-sonatype-com-3567 323 52 support support NN www-sonatype-com-3567 323 53 , , , www-sonatype-com-3567 323 54 level level NN www-sonatype-com-3567 323 55 of of IN www-sonatype-com-3567 323 56 fit fit NN www-sonatype-com-3567 323 57 between between IN www-sonatype-com-3567 323 58 skills skill NNS www-sonatype-com-3567 323 59 and and CC www-sonatype-com-3567 323 60 tasks task NNS www-sonatype-com-3567 323 61 , , , www-sonatype-com-3567 323 62 and and CC www-sonatype-com-3567 323 63 ability ability NN www-sonatype-com-3567 323 64 to to TO www-sonatype-com-3567 323 65 complete complete VB www-sonatype-com-3567 323 66 work work NN www-sonatype-com-3567 323 67 . . . 
www-sonatype-com-3567 324 1 Interestingly interestingly RB www-sonatype-com-3567 324 2 , , , www-sonatype-com-3567 324 3 the the DT www-sonatype-com-3567 324 4 most most RBS www-sonatype-com-3567 324 5 predictive predictive JJ www-sonatype-com-3567 324 6 question question NN www-sonatype-com-3567 324 7 of of IN www-sonatype-com-3567 324 8 job job NN www-sonatype-com-3567 324 9 satisfaction satisfaction NN www-sonatype-com-3567 324 10 was be VBD www-sonatype-com-3567 324 11 “ " `` www-sonatype-com-3567 324 12 How how WRB www-sonatype-com-3567 324 13 is be VBZ www-sonatype-com-3567 324 14 your -PRON- PRP$ www-sonatype-com-3567 324 15 current current JJ www-sonatype-com-3567 324 16 open open JJ www-sonatype-com-3567 324 17 source source NN www-sonatype-com-3567 324 18 risk risk NN www-sonatype-com-3567 324 19 management management NN www-sonatype-com-3567 324 20 initiative initiative NN www-sonatype-com-3567 324 21 resourced resource VBD www-sonatype-com-3567 324 22 and and CC www-sonatype-com-3567 324 23 supported support VBN www-sonatype-com-3567 324 24 ? ? . 
www-sonatype-com-3567 324 25 ” " '' www-sonatype-com-3567 324 26 This this DT www-sonatype-com-3567 324 27 was be VBD www-sonatype-com-3567 324 28 the the DT www-sonatype-com-3567 324 29 most most RBS www-sonatype-com-3567 324 30 detailed detailed JJ www-sonatype-com-3567 324 31 question question NN www-sonatype-com-3567 324 32 we -PRON- PRP www-sonatype-com-3567 324 33 asked ask VBD www-sonatype-com-3567 324 34 regarding regard VBG www-sonatype-com-3567 324 35 general general JJ www-sonatype-com-3567 324 36 organizational organizational JJ www-sonatype-com-3567 324 37 support support NN www-sonatype-com-3567 324 38 and and CC www-sonatype-com-3567 324 39 included include VBD www-sonatype-com-3567 324 40 sub sub NN www-sonatype-com-3567 324 41 - - NNS www-sonatype-com-3567 324 42 questions question NNS www-sonatype-com-3567 324 43 about about IN www-sonatype-com-3567 324 44 executive executive JJ www-sonatype-com-3567 324 45 support support NN www-sonatype-com-3567 324 46 , , , www-sonatype-com-3567 324 47 budget budget NN www-sonatype-com-3567 324 48 , , , www-sonatype-com-3567 324 49 tooling tooling NN www-sonatype-com-3567 324 50 , , , www-sonatype-com-3567 324 51 and and CC www-sonatype-com-3567 324 52 documentation documentation NN www-sonatype-com-3567 324 53 . . . 
www-sonatype-com-3567 325 1 We -PRON- PRP www-sonatype-com-3567 325 2 suspect suspect VBP www-sonatype-com-3567 325 3 that that IN www-sonatype-com-3567 325 4 this this DT www-sonatype-com-3567 325 5 relationship relationship NN www-sonatype-com-3567 325 6 is be VBZ www-sonatype-com-3567 325 7 highlighting highlight VBG www-sonatype-com-3567 325 8 a a DT www-sonatype-com-3567 325 9 connection connection NN www-sonatype-com-3567 325 10 between between IN www-sonatype-com-3567 325 11 level level NN www-sonatype-com-3567 325 12 of of IN www-sonatype-com-3567 325 13 employee employee NN www-sonatype-com-3567 325 14 support support NN www-sonatype-com-3567 325 15 and and CC www-sonatype-com-3567 325 16 job job NN www-sonatype-com-3567 325 17 satisfac- satisfac- VBG www-sonatype-com-3567 325 18 tion tion NN www-sonatype-com-3567 325 19 rather rather RB www-sonatype-com-3567 325 20 than than IN www-sonatype-com-3567 325 21 an an DT www-sonatype-com-3567 325 22 effect effect NN www-sonatype-com-3567 325 23 specific specific JJ www-sonatype-com-3567 325 24 to to IN www-sonatype-com-3567 325 25 support support NN www-sonatype-com-3567 325 26 of of IN www-sonatype-com-3567 325 27 open open JJ www-sonatype-com-3567 325 28 source source NN www-sonatype-com-3567 325 29 risk risk NN www-sonatype-com-3567 325 30 management management NN www-sonatype-com-3567 325 31 initiatives initiative NNS www-sonatype-com-3567 325 32 . . . 
www-sonatype-com-3567 326 1 In in IN www-sonatype-com-3567 326 2 future future JJ www-sonatype-com-3567 326 3 surveys survey NNS www-sonatype-com-3567 326 4 we -PRON- PRP www-sonatype-com-3567 326 5 will will MD www-sonatype-com-3567 326 6 ask ask VB www-sonatype-com-3567 326 7 more more RBR www-sonatype-com-3567 326 8 general general JJ www-sonatype-com-3567 326 9 “ " `` www-sonatype-com-3567 326 10 organizational organizational JJ www-sonatype-com-3567 326 11 support support NN www-sonatype-com-3567 326 12 ” " '' www-sonatype-com-3567 326 13 questions question NNS www-sonatype-com-3567 326 14 to to TO www-sonatype-com-3567 326 15 evaluate evaluate VB www-sonatype-com-3567 326 16 this this DT www-sonatype-com-3567 326 17 hypothesis hypothesis NN www-sonatype-com-3567 326 18 . . . www-sonatype-com-3567 327 1 The the DT www-sonatype-com-3567 327 2 usage usage NN www-sonatype-com-3567 327 3 of of IN www-sonatype-com-3567 327 4 Agile Agile NNP www-sonatype-com-3567 327 5 or or CC www-sonatype-com-3567 327 6 DevOps DevOps NNP www-sonatype-com-3567 327 7 practices practice NNS www-sonatype-com-3567 327 8 , , , www-sonatype-com-3567 327 9 as as RB www-sonatype-com-3567 327 10 well well RB www-sonatype-com-3567 327 11 as as IN www-sonatype-com-3567 327 12 automated automate VBN www-sonatype-com-3567 327 13 deployments deployment NNS www-sonatype-com-3567 327 14 and and CC www-sonatype-com-3567 327 15 their -PRON- PRP$ www-sonatype-com-3567 327 16 impact impact NN www-sonatype-com-3567 327 17 on on IN www-sonatype-com-3567 327 18 job job NN www-sonatype-com-3567 327 19 satisfaction satisfaction NN www-sonatype-com-3567 327 20 are be VBP www-sonatype-com-3567 327 21 very very RB www-sonatype-com-3567 327 22 similar similar JJ www-sonatype-com-3567 327 23 to to IN www-sonatype-com-3567 327 24 the the DT www-sonatype-com-3567 327 25 early early JJ www-sonatype-com-3567 327 26 results result NNS www-sonatype-com-3567 327 27 from from IN www-sonatype-com-3567 327 28 the the DT 
www-sonatype-com-3567 327 29 State State NNP www-sonatype-com-3567 327 30 of of IN www-sonatype-com-3567 327 31 DevOps DevOps NNP www-sonatype-com-3567 327 32 Research Research NNP www-sonatype-com-3567 327 33 ( ( -LRB- www-sonatype-com-3567 327 34 cite cite NN www-sonatype-com-3567 327 35 : : : www-sonatype-com-3567 327 36 Dr. Dr. NNP www-sonatype-com-3567 327 37 Nicole Nicole NNP www-sonatype-com-3567 327 38 Forsgren Forsgren NNP www-sonatype-com-3567 327 39 , , , www-sonatype-com-3567 327 40 Jez Jez NNP www-sonatype-com-3567 327 41 Humble Humble NNP www-sonatype-com-3567 327 42 , , , www-sonatype-com-3567 327 43 Gene Gene NNP www-sonatype-com-3567 327 44 Kim Kim NNP www-sonatype-com-3567 327 45 , , , www-sonatype-com-3567 327 46 2015 2015 CD www-sonatype-com-3567 327 47 Puppet Puppet NNP www-sonatype-com-3567 327 48 Labs Labs NNP www-sonatype-com-3567 327 49 State State NNP www-sonatype-com-3567 327 50 of of IN www-sonatype-com-3567 327 51 DevOps DevOps NNP www-sonatype-com-3567 327 52 Report.31 Report.31 VBD www-sonatype-com-3567 327 53 Guidance Guidance NNP www-sonatype-com-3567 327 54 for for IN www-sonatype-com-3567 327 55 Enterprise Enterprise NNP www-sonatype-com-3567 327 56 Development development NN www-sonatype-com-3567 327 57 Teams team NNS www-sonatype-com-3567 327 58 Our -PRON- PRP$ www-sonatype-com-3567 327 59 research research NN www-sonatype-com-3567 327 60 shows show VBZ www-sonatype-com-3567 327 61 that that IN www-sonatype-com-3567 327 62 faster fast JJR www-sonatype-com-3567 327 63 innovation innovation NN www-sonatype-com-3567 327 64 and and CC www-sonatype-com-3567 327 65 better well JJR www-sonatype-com-3567 327 66 risk risk NN www-sonatype-com-3567 327 67 management management NN www-sonatype-com-3567 327 68 are be VBP www-sonatype-com-3567 327 69 not not RB www-sonatype-com-3567 327 70 mutually mutually RB www-sonatype-com-3567 327 71 exclu- exclu- VBZ www-sonatype-com-3567 327 72 sive sive JJ www-sonatype-com-3567 327 73 . . . 
www-sonatype-com-3567 328 1 Indeed indeed RB www-sonatype-com-3567 328 2 , , , www-sonatype-com-3567 328 3 High High NNP www-sonatype-com-3567 328 4 Performance Performance NNP www-sonatype-com-3567 328 5 engineering engineering NN www-sonatype-com-3567 328 6 teams team NNS www-sonatype-com-3567 328 7 are be VBP www-sonatype-com-3567 328 8 accelerating accelerate VBG www-sonatype-com-3567 328 9 velocity velocity NN www-sonatype-com-3567 328 10 while while IN www-sonatype-com-3567 328 11 simultaneously simultaneously RB www-sonatype-com-3567 328 12 reducing reduce VBG www-sonatype-com-3567 328 13 security security NN www-sonatype-com-3567 328 14 and and CC www-sonatype-com-3567 328 15 licensing licensing NN www-sonatype-com-3567 328 16 risks risk NNS www-sonatype-com-3567 328 17 . . . www-sonatype-com-3567 329 1 Our -PRON- PRP$ www-sonatype-com-3567 329 2 investigation investigation NN www-sonatype-com-3567 329 3 into into IN www-sonatype-com-3567 329 4 measures measure NNS www-sonatype-com-3567 329 5 of of IN www-sonatype-com-3567 329 6 high high JJ www-sonatype-com-3567 329 7 performance performance NN www-sonatype-com-3567 329 8 component component NN www-sonatype-com-3567 329 9 - - HYPH www-sonatype-com-3567 329 10 based base VBN www-sonatype-com-3567 329 11 software software NN www-sonatype-com-3567 329 12 development development NN www-sonatype-com-3567 329 13 and and CC www-sonatype-com-3567 329 14 deliv- deliv- JJ www-sonatype-com-3567 329 15 ery ery NN www-sonatype-com-3567 329 16 helped help VBD www-sonatype-com-3567 329 17 us -PRON- PRP www-sonatype-com-3567 329 18 confirm confirm VB www-sonatype-com-3567 329 19 four four CD www-sonatype-com-3567 329 20 overarching overarching JJ www-sonatype-com-3567 329 21 , , , www-sonatype-com-3567 329 22 compelling compelling JJ www-sonatype-com-3567 329 23 and and CC www-sonatype-com-3567 329 24 predictable predictable JJ www-sonatype-com-3567 329 25 criteria criterion NNS www-sonatype-com-3567 329 26 : : : 
www-sonatype-com-3567 329 27 time time NN www-sonatype-com-3567 329 28 to to TO www-sonatype-com-3567 329 29 update update VB www-sonatype-com-3567 329 30 depen- depen- FW www-sonatype-com-3567 329 31 dencies dencie NNS www-sonatype-com-3567 329 32 , , , www-sonatype-com-3567 329 33 deployment deployment NN www-sonatype-com-3567 329 34 frequency frequency NN www-sonatype-com-3567 329 35 , , , www-sonatype-com-3567 329 36 time time NN www-sonatype-com-3567 329 37 required require VBN www-sonatype-com-3567 329 38 for for IN www-sonatype-com-3567 329 39 developers developer NNS www-sonatype-com-3567 329 40 to to TO www-sonatype-com-3567 329 41 be be VB www-sonatype-com-3567 329 42 productive productive JJ www-sonatype-com-3567 329 43 when when WRB www-sonatype-com-3567 329 44 switching switch VBG www-sonatype-com-3567 329 45 teams team NNS www-sonatype-com-3567 329 46 , , , www-sonatype-com-3567 329 47 and and CC www-sonatype-com-3567 329 48 time time NN www-sonatype-com-3567 329 49 to to TO www-sonatype-com-3567 329 50 detect detect VB www-sonatype-com-3567 329 51 and and CC www-sonatype-com-3567 329 52 remediate remediate VB www-sonatype-com-3567 329 53 defective defective JJ www-sonatype-com-3567 329 54 components component NNS www-sonatype-com-3567 329 55 . . . 
www-sonatype-com-3567 330 1 Teams team NNS www-sonatype-com-3567 330 2 striving strive VBG www-sonatype-com-3567 330 3 for for IN www-sonatype-com-3567 330 4 productivity productivity NN www-sonatype-com-3567 330 5 and and CC www-sonatype-com-3567 330 6 risk risk NN www-sonatype-com-3567 330 7 management management NN www-sonatype-com-3567 330 8 outcomes outcome NNS www-sonatype-com-3567 330 9 that that WDT www-sonatype-com-3567 330 10 improve improve VBP www-sonatype-com-3567 330 11 management management NN www-sonatype-com-3567 330 12 of of IN www-sonatype-com-3567 330 13 their -PRON- PRP$ www-sonatype-com-3567 330 14 software software NN www-sonatype-com-3567 330 15 supply supply NN www-sonatype-com-3567 330 16 chains chain NNS www-sonatype-com-3567 330 17 and and CC www-sonatype-com-3567 330 18 delivery delivery NN www-sonatype-com-3567 330 19 practices practice NNS www-sonatype-com-3567 330 20 should should MD www-sonatype-com-3567 330 21 track track VB www-sonatype-com-3567 330 22 performance performance NN www-sonatype-com-3567 330 23 of of IN www-sonatype-com-3567 330 24 these these DT www-sonatype-com-3567 330 25 criteria criterion NNS www-sonatype-com-3567 330 26 . . . 
www-sonatype-com-3567 331 1 High high JJ www-sonatype-com-3567 331 2 Performer Performer NNP www-sonatype-com-3567 331 3 results result NNS www-sonatype-com-3567 331 4 are be VBP www-sonatype-com-3567 331 5 achieved achieve VBN www-sonatype-com-3567 331 6 not not RB www-sonatype-com-3567 331 7 by by IN www-sonatype-com-3567 331 8 implementing implement VBG www-sonatype-com-3567 331 9 a a DT www-sonatype-com-3567 331 10 single single JJ www-sonatype-com-3567 331 11 tool tool NN www-sonatype-com-3567 331 12 or or CC www-sonatype-com-3567 331 13 practice practice NN www-sonatype-com-3567 331 14 , , , www-sonatype-com-3567 331 15 but but CC www-sonatype-com-3567 331 16 through through IN www-sonatype-com-3567 331 17 a a DT www-sonatype-com-3567 331 18 combination combination NN www-sonatype-com-3567 331 19 of of IN www-sonatype-com-3567 331 20 culture culture NN www-sonatype-com-3567 331 21 , , , www-sonatype-com-3567 331 22 development development NN www-sonatype-com-3567 331 23 practices practice NNS www-sonatype-com-3567 331 24 , , , www-sonatype-com-3567 331 25 policy policy NN www-sonatype-com-3567 331 26 enforcement enforcement NN www-sonatype-com-3567 331 27 , , , www-sonatype-com-3567 331 28 automation automation NN www-sonatype-com-3567 331 29 , , , www-sonatype-com-3567 331 30 and and CC www-sonatype-com-3567 331 31 integrations integration NNS www-sonatype-com-3567 331 32 applied apply VBN www-sonatype-com-3567 331 33 across across IN www-sonatype-com-3567 331 34 the the DT www-sonatype-com-3567 331 35 development development NN www-sonatype-com-3567 331 36 lifecycle lifecycle NN www-sonatype-com-3567 331 37 . . . 
www-sonatype-com-3567 332 1 Furthermore furthermore RB www-sonatype-com-3567 332 2 , , , www-sonatype-com-3567 332 3 High high JJ www-sonatype-com-3567 332 4 Performers performer NNS www-sonatype-com-3567 332 5 are be VBP www-sonatype-com-3567 332 6 not not RB www-sonatype-com-3567 332 7 only only RB www-sonatype-com-3567 332 8 rewarded reward VBN www-sonatype-com-3567 332 9 with with IN www-sonatype-com-3567 332 10 increased increase VBN www-sonatype-com-3567 332 11 productivity productivity NN www-sonatype-com-3567 332 12 and and CC www-sonatype-com-3567 332 13 better well JJR www-sonatype-com-3567 332 14 security security NN www-sonatype-com-3567 332 15 ( ( -LRB- www-sonatype-com-3567 332 16 SEE see UH www-sonatype-com-3567 332 17 FIGURE FIGURE NNP www-sonatype-com-3567 332 18 4D 4d NN www-sonatype-com-3567 332 19 ) ) -RRB- www-sonatype-com-3567 332 20 , , , www-sonatype-com-3567 332 21 but but CC www-sonatype-com-3567 332 22 their -PRON- PRP$ www-sonatype-com-3567 332 23 employees employee NNS www-sonatype-com-3567 332 24 demonstrate demonstrate VBP www-sonatype-com-3567 332 25 high high JJ www-sonatype-com-3567 332 26 levels level NNS www-sonatype-com-3567 332 27 of of IN www-sonatype-com-3567 332 28 job job NN www-sonatype-com-3567 332 29 satisfaction satisfaction NN www-sonatype-com-3567 332 30 . . . 
www-sonatype-com-3567 333 1 Security Security NNP www-sonatype-com-3567 333 2 First First NNP www-sonatype-com-3567 333 3 teams team NNS www-sonatype-com-3567 333 4 desiring desire VBG www-sonatype-com-3567 333 5 to to TO www-sonatype-com-3567 333 6 transform transform VB www-sonatype-com-3567 333 7 themselves -PRON- PRP www-sonatype-com-3567 333 8 into into IN www-sonatype-com-3567 333 9 High High NNP www-sonatype-com-3567 333 10 Performers Performers NNPS www-sonatype-com-3567 333 11 would would MD www-sonatype-com-3567 333 12 benefit benefit VB www-sonatype-com-3567 333 13 from from IN www-sonatype-com-3567 333 14 automating automate VBG www-sonatype-com-3567 333 15 their -PRON- PRP$ www-sonatype-com-3567 333 16 approval approval NN www-sonatype-com-3567 333 17 , , , www-sonatype-com-3567 333 18 management management NN www-sonatype-com-3567 333 19 and and CC www-sonatype-com-3567 333 20 analysis analysis NN www-sonatype-com-3567 333 21 of of IN www-sonatype-com-3567 333 22 open open JJ www-sonatype-com-3567 333 23 source source NN www-sonatype-com-3567 333 24 components component NNS www-sonatype-com-3567 333 25 . . . 
www-sonatype-com-3567 334 1 They -PRON- PRP www-sonatype-com-3567 334 2 should should MD www-sonatype-com-3567 334 3 also also RB www-sonatype-com-3567 334 4 consider consider VB www-sonatype-com-3567 334 5 integrating integrate VBG www-sonatype-com-3567 334 6 developer developer NN www-sonatype-com-3567 334 7 friendly friendly JJ www-sonatype-com-3567 334 8 SCA SCA NNP www-sonatype-com-3567 334 9 tools tool NNS www-sonatype-com-3567 334 10 into into IN www-sonatype-com-3567 334 11 their -PRON- PRP$ www-sonatype-com-3567 334 12 CI CI NNP www-sonatype-com-3567 334 13 process process NN www-sonatype-com-3567 334 14 so so IN www-sonatype-com-3567 334 15 they -PRON- PRP www-sonatype-com-3567 334 16 can can MD www-sonatype-com-3567 334 17 automatically automatically RB www-sonatype-com-3567 334 18 scan scan VB www-sonatype-com-3567 334 19 build build VB www-sonatype-com-3567 334 20 artifacts artifact NNS www-sonatype-com-3567 334 21 , , , www-sonatype-com-3567 334 22 easily easily RB www-sonatype-com-3567 334 23 identify identify VB www-sonatype-com-3567 334 24 open open JJ www-sonatype-com-3567 334 25 source source NN www-sonatype-com-3567 334 26 security security NN www-sonatype-com-3567 334 27 and and CC www-sonatype-com-3567 334 28 licensing licensing NN www-sonatype-com-3567 334 29 risk risk NN www-sonatype-com-3567 334 30 , , , www-sonatype-com-3567 334 31 and and CC www-sonatype-com-3567 334 32 benefit benefit VB www-sonatype-com-3567 334 33 from from IN www-sonatype-com-3567 334 34 a a DT www-sonatype-com-3567 334 35 SBOM sbom NN www-sonatype-com-3567 334 36 for for IN www-sonatype-com-3567 334 37 all all DT www-sonatype-com-3567 334 38 applications application NNS www-sonatype-com-3567 334 39 . . . 
www-sonatype-com-3567 335 1 C c NN www-sonatype-com-3567 335 2 H h NN www-sonatype-com-3567 335 3 A a NN www-sonatype-com-3567 335 4 P p NN www-sonatype-com-3567 335 5 T t NN www-sonatype-com-3567 335 6 E e NN www-sonatype-com-3567 335 7 R r NN www-sonatype-com-3567 335 8 4 4 CD www-sonatype-com-3567 335 9 : : : www-sonatype-com-3567 335 10 H h NN www-sonatype-com-3567 335 11 O o NN www-sonatype-com-3567 335 12 W w NN www-sonatype-com-3567 335 13 H h NN www-sonatype-com-3567 335 14 IG ig NN www-sonatype-com-3567 335 15 H h NN www-sonatype-com-3567 335 16 P p NN www-sonatype-com-3567 335 17 E e NN www-sonatype-com-3567 335 18 R r NN www-sonatype-com-3567 335 19 F f NN www-sonatype-com-3567 335 20 O o NN www-sonatype-com-3567 335 21 R r NN www-sonatype-com-3567 335 22 M m NN www-sonatype-com-3567 335 23 A A NNP www-sonatype-com-3567 335 24 N n NN www-sonatype-com-3567 335 25 C c NN www-sonatype-com-3567 335 26 E e NN www-sonatype-com-3567 335 27 T t NN www-sonatype-com-3567 335 28 E e NN www-sonatype-com-3567 335 29 A a NN www-sonatype-com-3567 335 30 M m NN www-sonatype-com-3567 335 31 S s NN www-sonatype-com-3567 335 32 M M NNP www-sonatype-com-3567 335 33 A A NNP www-sonatype-com-3567 335 34 N N NNP www-sonatype-com-3567 335 35 A a NN www-sonatype-com-3567 335 36 G g NN www-sonatype-com-3567 335 37 E e NN www-sonatype-com-3567 335 38 O o NN www-sonatype-com-3567 335 39 P p NN www-sonatype-com-3567 335 40 E e NN www-sonatype-com-3567 335 41 N n NN www-sonatype-com-3567 335 42 S s NN www-sonatype-com-3567 335 43 O o NN www-sonatype-com-3567 335 44 U u NN www-sonatype-com-3567 335 45 R r NN www-sonatype-com-3567 335 46 C c NN www-sonatype-com-3567 335 47 E e NN www-sonatype-com-3567 335 48 S s NN www-sonatype-com-3567 335 49 O o NN www-sonatype-com-3567 335 50 F f NN www-sonatype-com-3567 335 51 T t NN www-sonatype-com-3567 335 52 W w NN www-sonatype-com-3567 335 53 A a NN www-sonatype-com-3567 335 54 R r NN www-sonatype-com-3567 335 55 E e NN www-sonatype-com-3567 
335 56 S s NN www-sonatype-com-3567 335 57 U u NN www-sonatype-com-3567 335 58 P p NN www-sonatype-com-3567 335 59 P p NN www-sonatype-com-3567 335 60 LY ly NN www-sonatype-com-3567 335 61 C c NN www-sonatype-com-3567 335 62 H h NN www-sonatype-com-3567 335 63 A a NN www-sonatype-com-3567 335 64 IN in NN www-sonatype-com-3567 335 65 272020 272020 CD www-sonatype-com-3567 335 66 STATE STATE NNP www-sonatype-com-3567 335 67 OF of IN www-sonatype-com-3567 335 68 THE the DT www-sonatype-com-3567 335 69 SOFTWARE software NN www-sonatype-com-3567 335 70 SUPPLY supply NN www-sonatype-com-3567 335 71 CHAIN chain NN www-sonatype-com-3567 335 72 REPORT report NN www-sonatype-com-3567 335 73 FIGURE figure NN www-sonatype-com-3567 335 74 4D 4d NN www-sonatype-com-3567 335 75 Stronger strong JJR www-sonatype-com-3567 335 76 Risk Risk NNP www-sonatype-com-3567 335 77 Management Management NNP www-sonatype-com-3567 335 78 and and CC www-sonatype-com-3567 335 79 Productivity Productivity NNP www-sonatype-com-3567 335 80 Outcomes Outcomes NNP www-sonatype-com-3567 335 81 for for IN www-sonatype-com-3567 335 82 High High NNP www-sonatype-com-3567 335 83 Performers Performers NNPS www-sonatype-com-3567 335 84 ( ( -LRB- www-sonatype-com-3567 335 85 Comparison Comparison NNP www-sonatype-com-3567 335 86 of of IN www-sonatype-com-3567 335 87 Cluster Cluster NNP www-sonatype-com-3567 335 88 Centroids Centroids NNP www-sonatype-com-3567 335 89 ) ) -RRB- www-sonatype-com-3567 335 90 Productivity Productivity NNP www-sonatype-com-3567 335 91 First First NNP www-sonatype-com-3567 335 92 teams team NNS www-sonatype-com-3567 335 93 wanting want VBG www-sonatype-com-3567 335 94 to to TO www-sonatype-com-3567 335 95 shift shift VB www-sonatype-com-3567 335 96 up up RP www-sonatype-com-3567 335 97 into into IN www-sonatype-com-3567 335 98 the the DT www-sonatype-com-3567 335 99 High High NNP www-sonatype-com-3567 335 100 Performer Performer NNP www-sonatype-com-3567 335 101 quadrant quadrant NN 
www-sonatype-com-3567 335 102 should should MD www-sonatype-com-3567 335 103 prioritize prioritize VB www-sonatype-com-3567 335 104 partnering partnering NN www-sonatype-com-3567 335 105 with with IN www-sonatype-com-3567 335 106 governance governance NN www-sonatype-com-3567 335 107 counterparts counterpart NNS www-sonatype-com-3567 335 108 to to TO www-sonatype-com-3567 335 109 integrate integrate VB www-sonatype-com-3567 335 110 automated automated JJ www-sonatype-com-3567 335 111 security security NN www-sonatype-com-3567 335 112 scanning scanning NN www-sonatype-com-3567 335 113 into into IN www-sonatype-com-3567 335 114 their -PRON- PRP$ www-sonatype-com-3567 335 115 CI CI NNP www-sonatype-com-3567 335 116 process process NN www-sonatype-com-3567 335 117 so so IN www-sonatype-com-3567 335 118 they -PRON- PRP www-sonatype-com-3567 335 119 can can MD www-sonatype-com-3567 335 120 easily easily RB www-sonatype-com-3567 335 121 add add VB www-sonatype-com-3567 335 122 and and CC www-sonatype-com-3567 335 123 remove remove VB www-sonatype-com-3567 335 124 OSS oss NN www-sonatype-com-3567 335 125 dependencies dependency NNS www-sonatype-com-3567 335 126 and and CC www-sonatype-com-3567 335 127 regularly regularly RB www-sonatype-com-3567 335 128 remediate remediate NN www-sonatype-com-3567 335 129 known known JJ www-sonatype-com-3567 335 130 OSS oss NN www-sonatype-com-3567 335 131 vulnerabilities vulnerability NNS www-sonatype-com-3567 335 132 . . . 
www-sonatype-com-3567 336 1 Patterns Patterns NNPS www-sonatype-com-3567 336 2 Across across IN www-sonatype-com-3567 336 3 OSS OSS NNP www-sonatype-com-3567 336 4 Component component NN www-sonatype-com-3567 336 5 Updates Updates NNPS www-sonatype-com-3567 336 6 : : : www-sonatype-com-3567 336 7 Easy easy JJ www-sonatype-com-3567 336 8 , , , www-sonatype-com-3567 336 9 Difficult difficult JJ www-sonatype-com-3567 336 10 , , , www-sonatype-com-3567 336 11 and and CC www-sonatype-com-3567 336 12 Planned plan VBN www-sonatype-com-3567 336 13 Over over IN www-sonatype-com-3567 336 14 the the DT www-sonatype-com-3567 336 15 years year NNS www-sonatype-com-3567 336 16 , , , www-sonatype-com-3567 336 17 we -PRON- PRP www-sonatype-com-3567 336 18 ’ve have VB www-sonatype-com-3567 336 19 become become VBN www-sonatype-com-3567 336 20 increasingly increasingly RB www-sonatype-com-3567 336 21 convinced convinced JJ www-sonatype-com-3567 336 22 that that IN www-sonatype-com-3567 336 23 while while IN www-sonatype-com-3567 336 24 updating update VBG www-sonatype-com-3567 336 25 dependencies dependency NNS www-sonatype-com-3567 336 26 is be VBZ www-sonatype-com-3567 336 27 very very RB www-sonatype-com-3567 336 28 important important JJ www-sonatype-com-3567 336 29 for for IN www-sonatype-com-3567 336 30 functionality functionality NN www-sonatype-com-3567 336 31 and and CC www-sonatype-com-3567 336 32 security security NN www-sonatype-com-3567 336 33 , , , www-sonatype-com-3567 336 34 there there EX www-sonatype-com-3567 336 35 is be VBZ www-sonatype-com-3567 336 36 a a DT www-sonatype-com-3567 336 37 huge huge JJ www-sonatype-com-3567 336 38 economic economic JJ www-sonatype-com-3567 336 39 cost cost NN www-sonatype-com-3567 336 40 to to IN www-sonatype-com-3567 336 41 staying stay VBG www-sonatype-com-3567 336 42 up up RP www-sonatype-com-3567 336 43 - - HYPH www-sonatype-com-3567 336 44 to to IN www-sonatype-com-3567 336 45 - - HYPH www-sonatype-com-3567 336 46 date date NN 
www-sonatype-com-3567 336 47 . . . www-sonatype-com-3567 337 1 Ideally ideally RB www-sonatype-com-3567 337 2 , , , www-sonatype-com-3567 337 3 dependencies dependency NNS www-sonatype-com-3567 337 4 should should MD www-sonatype-com-3567 337 5 be be VB www-sonatype-com-3567 337 6 updated update VBN www-sonatype-com-3567 337 7 , , , www-sonatype-com-3567 337 8 simply simply RB www-sonatype-com-3567 337 9 , , , www-sonatype-com-3567 337 10 safely safely RB www-sonatype-com-3567 337 11 and and CC www-sonatype-com-3567 337 12 painlessly painlessly RB www-sonatype-com-3567 337 13 , , , www-sonatype-com-3567 337 14 and and CC www-sonatype-com-3567 337 15 as as IN www-sonatype-com-3567 337 16 part part NN www-sonatype-com-3567 337 17 of of IN www-sonatype-com-3567 337 18 the the DT www-sonatype-com-3567 337 19 routine routine JJ www-sonatype-com-3567 337 20 development development NN www-sonatype-com-3567 337 21 process process NN www-sonatype-com-3567 337 22 . . . www-sonatype-com-3567 338 1 But but CC www-sonatype-com-3567 338 2 reality reality NN www-sonatype-com-3567 338 3 shows show VBZ www-sonatype-com-3567 338 4 that that IN www-sonatype-com-3567 338 5 this this DT www-sonatype-com-3567 338 6 ideal ideal NN www-sonatype-com-3567 338 7 is be VBZ www-sonatype-com-3567 338 8 rarely rarely RB www-sonatype-com-3567 338 9 met meet VBN www-sonatype-com-3567 338 10 . . . 
www-sonatype-com-3567 339 1 An an DT www-sonatype-com-3567 339 2 astonishing astonishing JJ www-sonatype-com-3567 339 3 story story NN www-sonatype-com-3567 339 4 of of IN www-sonatype-com-3567 339 5 how how WRB www-sonatype-com-3567 339 6 far far RB www-sonatype-com-3567 339 7 an an DT www-sonatype-com-3567 339 8 organization organization NN www-sonatype-com-3567 339 9 can can MD www-sonatype-com-3567 339 10 stray stray VB www-sonatype-com-3567 339 11 from from IN www-sonatype-com-3567 339 12 ideal ideal JJ www-sonatype-com-3567 339 13 update update NN www-sonatype-com-3567 339 14 practices practice NNS www-sonatype-com-3567 339 15 comes come VBZ www-sonatype-com-3567 339 16 from from IN www-sonatype-com-3567 339 17 Eileen Eileen NNP www-sonatype-com-3567 339 18 M. M. NNP www-sonatype-com-3567 339 19 Uchitelle Uchitelle NNP www-sonatype-com-3567 339 20 , , , www-sonatype-com-3567 339 21 Staff Staff NNP www-sonatype-com-3567 339 22 Engineer Engineer NNP www-sonatype-com-3567 339 23 at at IN www-sonatype-com-3567 339 24 GitHub GitHub NNP www-sonatype-com-3567 339 25 , , , www-sonatype-com-3567 339 26 who who WP www-sonatype-com-3567 339 27 described describe VBD www-sonatype-com-3567 339 28 how how WRB www-sonatype-com-3567 339 29 it -PRON- PRP www-sonatype-com-3567 339 30 took take VBD www-sonatype-com-3567 339 31 seven seven CD www-sonatype-com-3567 339 32 years year NNS www-sonatype-com-3567 339 33 to to TO www-sonatype-com-3567 339 34 successfully successfully RB www-sonatype-com-3567 339 35 migrate migrate VB www-sonatype-com-3567 339 36 GitHub GitHub NNP www-sonatype-com-3567 339 37 from from IN www-sonatype-com-3567 339 38 a a DT www-sonatype-com-3567 339 39 forked forked JJ www-sonatype-com-3567 339 40 version version NN www-sonatype-com-3567 339 41 of of IN www-sonatype-com-3567 339 42 Rails Rails NNP www-sonatype-com-3567 339 43 2 2 CD www-sonatype-com-3567 339 44 to to IN www-sonatype-com-3567 339 45 Rails rail NNS www-sonatype-com-3567 339 46 5.32 5.32 
CD www-sonatype-com-3567 339 47 Even even RB www-sonatype-com-3567 339 48 with with IN www-sonatype-com-3567 339 49 new new JJ www-sonatype-com-3567 339 50 tools tool NNS www-sonatype-com-3567 339 51 available available JJ www-sonatype-com-3567 339 52 to to IN www-sonatype-com-3567 339 53 developers developer NNS www-sonatype-com-3567 339 54 that that WDT www-sonatype-com-3567 339 55 automatically automatically RB www-sonatype-com-3567 339 56 create create VBP www-sonatype-com-3567 339 57 pull pull VBP www-sonatype-com-3567 339 58 requests request NNS www-sonatype-com-3567 339 59 with with IN www-sonatype-com-3567 339 60 updated update VBN www-sonatype-com-3567 339 61 dependencies dependency NNS www-sonatype-com-3567 339 62 , , , www-sonatype-com-3567 339 63 changes change NNS www-sonatype-com-3567 339 64 in in IN www-sonatype-com-3567 339 65 APIs api NNS www-sonatype-com-3567 339 66 and and CC www-sonatype-com-3567 339 67 potential potential JJ www-sonatype-com-3567 339 68 breakage breakage NN www-sonatype-com-3567 339 69 can can MD www-sonatype-com-3567 339 70 still still RB www-sonatype-com-3567 339 71 hold hold VB www-sonatype-com-3567 339 72 back back RP www-sonatype-com-3567 339 73 many many JJ www-sonatype-com-3567 339 74 developers developer NNS www-sonatype-com-3567 339 75 from from IN www-sonatype-com-3567 339 76 updating update VBG www-sonatype-com-3567 339 77 . . . 
www-sonatype-com-3567 340 1 We -PRON- PRP www-sonatype-com-3567 340 2 suspect suspect VBP www-sonatype-com-3567 340 3 this this DT www-sonatype-com-3567 340 4 change change NN www-sonatype-com-3567 340 5 - - HYPH www-sonatype-com-3567 340 6 induced induce VBN www-sonatype-com-3567 340 7 break- break- NN www-sonatype-com-3567 340 8 age age NN www-sonatype-com-3567 340 9 is be VBZ www-sonatype-com-3567 340 10 a a DT www-sonatype-com-3567 340 11 primary primary JJ www-sonatype-com-3567 340 12 driver driver NN www-sonatype-com-3567 340 13 of of IN www-sonatype-com-3567 340 14 poor poor JJ www-sonatype-com-3567 340 15 updating updating JJ www-sonatype-com-3567 340 16 practices practice NNS www-sonatype-com-3567 340 17 . . .
www-sonatype-com-3567 341 73 Taking take VBG www-sonatype-com-3567 341 74 a a DT www-sonatype-com-3567 341 75 deeper deep JJR www-sonatype-com-3567 341 76 dive dive NN www-sonatype-com-3567 341 77 into into IN www-sonatype-com-3567 341 78 the the DT www-sonatype-com-3567 341 79 vast vast JJ www-sonatype-com-3567 341 80 data datum NNS www-sonatype-com-3567 341 81 available available JJ www-sonatype-com-3567 341 82 to to IN www-sonatype-com-3567 341 83 us -PRON- PRP www-sonatype-com-3567 341 84 from from IN www-sonatype-com-3567 341 85 The the DT www-sonatype-com-3567 341 86 Central Central
NNP www-sonatype-com-3567 341 87 Repository Repository NNP www-sonatype-com-3567 341 88 , , , www-sonatype-com-3567 341 89 we -PRON- PRP www-sonatype-com-3567 341 90 can can MD www-sonatype-com-3567 341 91 better well RBR www-sonatype-com-3567 341 92 visualize visualize VB www-sonatype-com-3567 341 93 open open JJ www-sonatype-com-3567 341 94 source source NN www-sonatype-com-3567 341 95 project project NN www-sonatype-com-3567 341 96 releases release NNS www-sonatype-com-3567 341 97 and and CC www-sonatype-com-3567 341 98 their -PRON- PRP$ www-sonatype-com-3567 341 99 adoption adoption NN www-sonatype-com-3567 341 100 by by IN www-sonatype-com-3567 341 101 enterprise enterprise NN www-sonatype-com-3567 341 102 application application NN www-sonatype-com-3567 341 103 development development NN www-sonatype-com-3567 341 104 teams team NNS www-sonatype-com-3567 341 105 who who WP www-sonatype-com-3567 341 106 migrate migrate VBP www-sonatype-com-3567 341 107 from from IN www-sonatype-com-3567 341 108 one one CD www-sonatype-com-3567 341 109 version version NN www-sonatype-com-3567 341 110 to to IN www-sonatype-com-3567 341 111 a a DT www-sonatype-com-3567 341 112 newer new JJR www-sonatype-com-3567 341 113 one one NN www-sonatype-com-3567 341 114 . . . 
www-sonatype-com-3567 342 1 We -PRON- PRP www-sonatype-com-3567 342 2 believe believe VBP www-sonatype-com-3567 342 3 this this DT www-sonatype-com-3567 342 4 data data NN www-sonatype-com-3567 342 5 shows show VBZ www-sonatype-com-3567 342 6 how how WRB www-sonatype-com-3567 342 7 OSS oss NN www-sonatype-com-3567 342 8 component component NN www-sonatype-com-3567 342 9 selection selection NN www-sonatype-com-3567 342 10 can can MD www-sonatype-com-3567 342 11 play play VB www-sonatype-com-3567 342 12 a a DT www-sonatype-com-3567 342 13 major major JJ www-sonatype-com-3567 342 14 role role NN www-sonatype-com-3567 342 15 in in IN www-sonatype-com-3567 342 16 allowing allow VBG www-sonatype-com-3567 342 17 for for IN www-sonatype-com-3567 342 18 easier easy JJR www-sonatype-com-3567 342 19 and and CC www-sonatype-com-3567 342 20 more more JJR www-sonatype-com-3567 342 21 frequent frequent JJ www-sonatype-com-3567 342 22 updates update NNS www-sonatype-com-3567 342 23 . . . www-sonatype-com-3567 343 1 The the DT www-sonatype-com-3567 343 2 following follow VBG www-sonatype-com-3567 343 3 graphs graphs NN www-sonatype-com-3567 343 4 show show VBP www-sonatype-com-3567 343 5 the the DT www-sonatype-com-3567 343 6 different different JJ www-sonatype-com-3567 343 7 stories story NNS www-sonatype-com-3567 343 8 around around IN www-sonatype-com-3567 343 9 OSS oss NN www-sonatype-com-3567 343 10 update update NN www-sonatype-com-3567 343 11 patterns pattern NNS www-sonatype-com-3567 343 12 by by IN www-sonatype-com-3567 343 13 software software NN www-sonatype-com-3567 343 14 develop- develop- NNS www-sonatype-com-3567 343 15 ment ment JJ www-sonatype-com-3567 343 16 teams team NNS www-sonatype-com-3567 343 17 . . . 
www-sonatype-com-3567 344 1 Updates update NNS www-sonatype-com-3567 344 2 from from IN www-sonatype-com-3567 344 3 one one CD www-sonatype-com-3567 344 4 version version NN www-sonatype-com-3567 344 5 of of IN www-sonatype-com-3567 344 6 a a DT www-sonatype-com-3567 344 7 library library NN www-sonatype-com-3567 344 8 to to IN www-sonatype-com-3567 344 9 another another DT www-sonatype-com-3567 344 10 are be VBP www-sonatype-com-3567 344 11 visually visually RB www-sonatype-com-3567 344 12 depicted depict VBN www-sonatype-com-3567 344 13 by by IN www-sonatype-com-3567 344 14 connecting connect VBG www-sonatype-com-3567 344 15 the the DT www-sonatype-com-3567 344 16 two two CD www-sonatype-com-3567 344 17 versions version NNS www-sonatype-com-3567 344 18 with with IN www-sonatype-com-3567 344 19 an an DT www-sonatype-com-3567 344 20 arc arc NN www-sonatype-com-3567 344 21 . . . www-sonatype-com-3567 345 1 The the DT www-sonatype-com-3567 345 2 horizontal horizontal JJ www-sonatype-com-3567 345 3 axis axi NNS www-sonatype-com-3567 345 4 is be VBZ www-sonatype-com-3567 345 5 an an DT www-sonatype-com-3567 345 6 ordered order VBN www-sonatype-com-3567 345 7 list list NN www-sonatype-com-3567 345 8 of of IN www-sonatype-com-3567 345 9 library library NN www-sonatype-com-3567 345 10 releases release NNS www-sonatype-com-3567 345 11 , , , www-sonatype-com-3567 345 12 where where WRB www-sonatype-com-3567 345 13 version version NN www-sonatype-com-3567 345 14 numbers number NNS www-sonatype-com-3567 345 15 increase increase VBP www-sonatype-com-3567 345 16 as as IN www-sonatype-com-3567 345 17 you -PRON- PRP www-sonatype-com-3567 345 18 move move VBP www-sonatype-com-3567 345 19 right right RB www-sonatype-com-3567 345 20 . . . 
www-sonatype-com-3567 346 1 Consider consider VB www-sonatype-com-3567 346 2 the the DT www-sonatype-com-3567 346 3 graph graph NN www-sonatype-com-3567 346 4 for for IN www-sonatype-com-3567 346 5 the the DT www-sonatype-com-3567 346 6 widely widely RB www-sonatype-com-3567 346 7 used use VBN www-sonatype-com-3567 346 8 joda joda NNP www-sonatype-com-3567 346 9 - - HYPH www-sonatype-com-3567 346 10 time time NN www-sonatype-com-3567 346 11 library library NN www-sonatype-com-3567 346 12 ( ( -LRB- www-sonatype-com-3567 346 13 FIGURE FIGURE NNP www-sonatype-com-3567 346 14 4E 4e NN www-sonatype-com-3567 346 15 ) ) -RRB- www-sonatype-com-3567 346 16 , , , www-sonatype-com-3567 346 17 which which WDT www-sonatype-com-3567 346 18 shows show VBZ www-sonatype-com-3567 346 19 that that IN www-sonatype-com-3567 346 20 developers developer NNS www-sonatype-com-3567 346 21 using use VBG www-sonatype-com-3567 346 22 this this DT www-sonatype-com-3567 346 23 OSS oss NN www-sonatype-com-3567 346 24 component component NN www-sonatype-com-3567 346 25 update update NN www-sonatype-com-3567 346 26 fairly fairly RB www-sonatype-com-3567 346 27 uniformly uniformly RB www-sonatype-com-3567 346 28 between between IN www-sonatype-com-3567 346 29 all all DT www-sonatype-com-3567 346 30 pairs pair NNS www-sonatype-com-3567 346 31 of of IN www-sonatype-com-3567 346 32 versions version NNS www-sonatype-com-3567 346 33 . . . 
www-sonatype-com-3567 347 1 This this DT www-sonatype-com-3567 347 2 suggests suggest VBZ www-sonatype-com-3567 347 3 that that IN www-sonatype-com-3567 347 4 updates update NNS www-sonatype-com-3567 347 5 are be VBP www-sonatype-com-3567 347 6 easy easy JJ www-sonatype-com-3567 347 7 , , , www-sonatype-com-3567 347 8 presenting present VBG www-sonatype-com-3567 347 9 a a DT www-sonatype-com-3567 347 10 seemingly seemingly RB www-sonatype-com-3567 347 11 homoge- homoge- JJ www-sonatype-com-3567 347 12 nous nous JJ www-sonatype-com-3567 347 13 set set NN www-sonatype-com-3567 347 14 of of IN www-sonatype-com-3567 347 15 versions version NNS www-sonatype-com-3567 347 16 to to TO www-sonatype-com-3567 347 17 select select VB www-sonatype-com-3567 347 18 migrate migrate NN www-sonatype-com-3567 347 19 to to IN www-sonatype-com-3567 347 20 and and CC www-sonatype-com-3567 347 21 from from IN www-sonatype-com-3567 347 22 . . . www-sonatype-com-3567 348 1 On on IN www-sonatype-com-3567 348 2 the the DT www-sonatype-com-3567 348 3 opposite opposite JJ www-sonatype-com-3567 348 4 extreme extreme NN www-sonatype-com-3567 348 5 , , , www-sonatype-com-3567 348 6 consider consider VB www-sonatype-com-3567 348 7 the the DT www-sonatype-com-3567 348 8 graph graph NN www-sonatype-com-3567 348 9 for for IN www-sonatype-com-3567 348 10 the the DT www-sonatype-com-3567 348 11 hibernate hibernate NN www-sonatype-com-3567 348 12 - - HYPH www-sonatype-com-3567 348 13 validator validator NN www-sonatype-com-3567 348 14 library library NN www-sonatype-com-3567 348 15 ( ( -LRB- www-sonatype-com-3567 348 16 FIGURE FIGURE NNP www-sonatype-com-3567 348 17 4F 4F NNP www-sonatype-com-3567 348 18 ) ) -RRB- www-sonatype-com-3567 348 19 , , , www-sonatype-com-3567 348 20 where where WRB www-sonatype-com-3567 348 21 there there EX www-sonatype-com-3567 348 22 are be VBP www-sonatype-com-3567 348 23 two two CD www-sonatype-com-3567 348 24 sets set NNS www-sonatype-com-3567 348 25 of of IN 
www-sonatype-com-3567 348 26 communities community NNS www-sonatype-com-3567 348 27 using use VBG www-sonatype-com-3567 348 28 it -PRON- PRP www-sonatype-com-3567 348 29 — — : www-sonatype-com-3567 348 30   _SP www-sonatype-com-3567 348 31 one one CD www-sonatype-com-3567 348 32 favoring favor VBG www-sonatype-com-3567 348 33 version version NN www-sonatype-com-3567 348 34 5 5 CD www-sonatype-com-3567 348 35 and and CC www-sonatype-com-3567 348 36 another another DT www-sonatype-com-3567 348 37 preferring prefer VBG www-sonatype-com-3567 348 38 version version NN www-sonatype-com-3567 348 39 6 6 CD www-sonatype-com-3567 348 40 . . . www-sonatype-com-3567 349 1 The the DT www-sonatype-com-3567 349 2 two two CD www-sonatype-com-3567 349 3 communities community NNS www-sonatype-com-3567 349 4 very very RB www-sonatype-com-3567 349 5 rarely rarely RB www-sonatype-com-3567 349 6 intersect intersect VBP www-sonatype-com-3567 349 7 . . . www-sonatype-com-3567 350 1 This this DT www-sonatype-com-3567 350 2 suggests suggest VBZ www-sonatype-com-3567 350 3 that that IN www-sonatype-com-3567 350 4 updating update VBG www-sonatype-com-3567 350 5 to to TO www-sonatype-com-3567 350 6 version version NN www-sonatype-com-3567 350 7 6 6 CD www-sonatype-com-3567 350 8 from from IN www-sonatype-com-3567 350 9 version version NN www-sonatype-com-3567 350 10 5 5 CD www-sonatype-com-3567 350 11 is be VBZ www-sonatype-com-3567 350 12 either either CC www-sonatype-com-3567 350 13 too too RB www-sonatype-com-3567 350 14 difficult difficult JJ www-sonatype-com-3567 350 15 , , , www-sonatype-com-3567 350 16 or or CC www-sonatype-com-3567 350 17 the the DT www-sonatype-com-3567 350 18 value value NN www-sonatype-com-3567 350 19 is be VBZ www-sonatype-com-3567 350 20 not not RB www-sonatype-com-3567 350 21 worth worth JJ www-sonatype-com-3567 350 22 the the DT www-sonatype-com-3567 350 23 effort effort NN www-sonatype-com-3567 350 24 . . . 
www-sonatype-com-3567 351 1 Finally finally RB www-sonatype-com-3567 351 2 , , , www-sonatype-com-3567 351 3 we -PRON- PRP www-sonatype-com-3567 351 4 take take VBP www-sonatype-com-3567 351 5 a a DT www-sonatype-com-3567 351 6 look look NN www-sonatype-com-3567 351 7 at at IN www-sonatype-com-3567 351 8 the the DT www-sonatype-com-3567 351 9 pattern pattern NN www-sonatype-com-3567 351 10 for for IN www-sonatype-com-3567 351 11 spring- spring- NNP www-sonatype-com-3567 351 12 core core NN www-sonatype-com-3567 351 13 ( ( -LRB- www-sonatype-com-3567 351 14 FIGURE FIGURE NNP www-sonatype-com-3567 351 15 4 4 CD www-sonatype-com-3567 351 16 G g NN www-sonatype-com-3567 351 17 ) ) -RRB- www-sonatype-com-3567 351 18 , , , www-sonatype-com-3567 351 19 which which WDT www-sonatype-com-3567 351 20 suggests suggest VBZ www-sonatype-com-3567 351 21 that that IN www-sonatype-com-3567 351 22 updating updating NN www-sonatype-com-3567 351 23 is be VBZ www-sonatype-com-3567 351 24 sufficiently sufficiently RB www-sonatype-com-3567 351 25 difficult difficult JJ www-sonatype-com-3567 351 26 that that IN www-sonatype-com-3567 351 27 the the DT www-sonatype-com-3567 351 28 effort effort NN www-sonatype-com-3567 351 29 must must MD www-sonatype-com-3567 351 30 be be VB www-sonatype-com-3567 351 31 planned plan VBN www-sonatype-com-3567 351 32 and and CC www-sonatype-com-3567 351 33 some some DT www-sonatype-com-3567 351 34 version version NN www-sonatype-com-3567 351 35 ranges range VBZ www-sonatype-com-3567 351 36 end end VBP www-sonatype-com-3567 351 37 up up RP www-sonatype-com-3567 351 38 being be VBG www-sonatype-com-3567 351 39 avoided avoid VBN www-sonatype-com-3567 351 40 . . . 
www-sonatype-com-3567 352 1 In in IN www-sonatype-com-3567 352 2 our -PRON- PRP$ www-sonatype-com-3567 352 3 future future JJ www-sonatype-com-3567 352 4 work work NN www-sonatype-com-3567 352 5 , , , www-sonatype-com-3567 352 6 we -PRON- PRP www-sonatype-com-3567 352 7 would would MD www-sonatype-com-3567 352 8 like like VB www-sonatype-com-3567 352 9 to to TO www-sonatype-com-3567 352 10 further further JJ www-sonatype-com-3567 352 11 inves- inves- NNS www-sonatype-com-3567 352 12 tigate tigate VB www-sonatype-com-3567 352 13 which which WDT www-sonatype-com-3567 352 14 dependencies dependencie VBZ www-sonatype-com-3567 352 15 the the DT www-sonatype-com-3567 352 16 High High NNP www-sonatype-com-3567 352 17 Performers Performers NNPS www-sonatype-com-3567 352 18 and and CC www-sonatype-com-3567 352 19 other other JJ www-sonatype-com-3567 352 20 notable notable JJ www-sonatype-com-3567 352 21 clusters cluster NNS www-sonatype-com-3567 352 22 are be VBP www-sonatype-com-3567 352 23 using use VBG www-sonatype-com-3567 352 24 and and CC www-sonatype-com-3567 352 25 the the DT www-sonatype-com-3567 352 26 criteria criterion NNS www-sonatype-com-3567 352 27 they -PRON- PRP www-sonatype-com-3567 352 28 use use VBP www-sonatype-com-3567 352 29 to to TO www-sonatype-com-3567 352 30 select select VB www-sonatype-com-3567 352 31 them -PRON- PRP www-sonatype-com-3567 352 32 , , , www-sonatype-com-3567 352 33 while while IN www-sonatype-com-3567 352 34 measuring measure VBG www-sonatype-com-3567 352 35 the the DT www-sonatype-com-3567 352 36 effort effort NN www-sonatype-com-3567 352 37 and and CC www-sonatype-com-3567 352 38 cost cost NN www-sonatype-com-3567 352 39 required require VBN www-sonatype-com-3567 352 40 to to TO www-sonatype-com-3567 352 41 stay stay VB www-sonatype-com-3567 352 42 up up RB www-sonatype-com-3567 352 43 - - HYPH www-sonatype-com-3567 352 44 to to IN www-sonatype-com-3567 352 45 - - HYPH www-sonatype-com-3567 352 46 date date NN 
www-sonatype-com-3567 352 47 . . . www-sonatype-com-3567 353 1 We -PRON- PRP www-sonatype-com-3567 353 2 believe believe VBP www-sonatype-com-3567 353 3 that that IN www-sonatype-com-3567 353 4 this this DT www-sonatype-com-3567 353 5 could could MD www-sonatype-com-3567 353 6 reveal reveal VB www-sonatype-com-3567 353 7 lessons lesson NNS www-sonatype-com-3567 353 8 and and CC www-sonatype-com-3567 353 9 principles principle NNS www-sonatype-com-3567 353 10 that that WDT www-sonatype-com-3567 353 11 could could MD www-sonatype-com-3567 353 12 help help VB www-sonatype-com-3567 353 13 every every DT www-sonatype-com-3567 353 14 organization organization NN www-sonatype-com-3567 353 15 using use VBG www-sonatype-com-3567 353 16 open open JJ www-sonatype-com-3567 353 17 source source NN www-sonatype-com-3567 353 18 software software NN www-sonatype-com-3567 353 19 components component NNS www-sonatype-com-3567 353 20 . . . www-sonatype-com-3567 354 1 Now now RB www-sonatype-com-3567 354 2 that that IN www-sonatype-com-3567 354 3 we -PRON- PRP www-sonatype-com-3567 354 4 have have VBP www-sonatype-com-3567 354 5 explored explore VBN www-sonatype-com-3567 354 6 practices practice NNS www-sonatype-com-3567 354 7 and and CC www-sonatype-com-3567 354 8 related relate VBN www-sonatype-com-3567 354 9 outcomes outcome NNS www-sonatype-com-3567 354 10 that that WDT www-sonatype-com-3567 354 11 contribute contribute VBP www-sonatype-com-3567 354 12 to to IN www-sonatype-com-3567 354 13 successful successful JJ www-sonatype-com-3567 354 14 software software NN www-sonatype-com-3567 354 15 supply supply NN www-sonatype-com-3567 354 16 chain chain NN www-sonatype-com-3567 354 17 management management NN www-sonatype-com-3567 354 18 , , , www-sonatype-com-3567 354 19 let let VB www-sonatype-com-3567 354 20 ’s -PRON- PRP www-sonatype-com-3567 354 21 take take VB www-sonatype-com-3567 354 22 a a DT www-sonatype-com-3567 354 23 closer close JJR www-sonatype-com-3567 354 24 look look 
NN www-sonatype-com-3567 354 25 at at IN www-sonatype-com-3567 354 26 the the DT www-sonatype-com-3567 354 27 volume volume NN www-sonatype-com-3567 354 28 , , , www-sonatype-com-3567 354 29 quality quality NN www-sonatype-com-3567 354 30 , , , www-sonatype-com-3567 354 31 and and CC www-sonatype-com-3567 354 32 security security NN www-sonatype-com-3567 354 33 of of IN www-sonatype-com-3567 354 34 open open JJ www-sonatype-com-3567 354 35 source source NN www-sonatype-com-3567 354 36 component component NN www-sonatype-com-3567 354 37 consumption consumption NN www-sonatype-com-3567 354 38 in in IN www-sonatype-com-3567 354 39 the the DT www-sonatype-com-3567 354 40 enterprise enterprise NN www-sonatype-com-3567 354 41 . . .
www-sonatype-com-3567 355 2 Poor Poor NNP www-sonatype-com-3567 355 3 Migrations Migrations NNPS www-sonatype-com-3567 355 4 - - HYPH www-sonatype-com-3567 355 5 > > NN www-sonatype-com-3567 355 6 Good Good NNP www-sonatype-com-3567 355 7 Migrations Migrations NNPS www-sonatype-com-3567 355 8 ( ( -LRB- www-sonatype-com-3567 355 9 by by IN www-sonatype-com-3567 355 10 application application NN www-sonatype-com-3567 355 11 count count NNP www-sonatype-com-3567 355 12 ) ) -RRB- www-sonatype-com-3567 355 19 MIGRATION migration NN www-sonatype-com-3567 355 20 PATTERNS patterns RB www-sonatype-com-3567 355 21 BETWEEN between IN www-sonatype-com-3567 355 22 OSS oss NN www-sonatype-com-3567 355 23 COMPONENT component NN www-sonatype-com-3567 355 24 RELEASES releases VBP www-sonatype-com-3567 355 38 FIGURE FIGURE NNP www-sonatype-com-3567 355 39 4E 4e JJ www-sonatype-com-3567 355 40 joda joda NN www-sonatype-com-3567 355 41 - - HYPH www-sonatype-com-3567 355 42 time.joda time.joda NN www-sonatype-com-3567 355 43 - - HYPH www-sonatype-com-3567 355 44 time time NN www-sonatype-com-3567 355 45 library library NN www-sonatype-com-3567 355 221 FIGURE FIGURE NNP www-sonatype-com-3567 355 222 4 4 CD www-sonatype-com-3567 355 223 G g NN www-sonatype-com-3567 355 224 spring.spring spring.spring NN www-sonatype-com-3567 355 225 - - HYPH www-sonatype-com-3567 355 226 core core NN www-sonatype-com-3567 355 227 library library NN www-sonatype-com-3567 355 239 FIGURE FIGURE NNP www-sonatype-com-3567 355 240 4F 4F NNP www-sonatype-com-3567 355 241 hibernate hibernate NN www-sonatype-com-3567 355 242 - - HYPH www-sonatype-com-3567 355 243 validator validator NN www-sonatype-com-3567 355 244 library library NN
www-sonatype-com-3567 355 343 CHAPTER chapter NN www-sonatype-com-3567 355 344 5 5 CD www-sonatype-com-3567 355 345 The the DT www-sonatype-com-3567 355 346 Trust Trust NNP www-sonatype-com-3567 355 347 and and CC www-sonatype-com-3567 355 348 Integrity Integrity NNP www-sonatype-com-3567 355 349 of of IN www-sonatype-com-3567 355 350 Software Software NNP www-sonatype-com-3567 355 351 Supply Supply NNP www-sonatype-com-3567 355 352 Chains Chains NNPS www-sonatype-com-3567 355 353 Enterprise Enterprise NNP www-sonatype-com-3567 355 354 development development NN www-sonatype-com-3567 355 355 teams team NNS www-sonatype-com-3567 355 356 often often RB www-sonatype-com-3567 355 357 rely rely VBP www-sonatype-com-3567 355 358 on on IN www-sonatype-com-3567 355 359 an an DT www-sonatype-com-3567 355 360 unchecked unchecked JJ www-sonatype-com-3567 355 361 variety variety NN www-sonatype-com-3567 355 362 of of IN www-sonatype-com-3567 355 363 supply supply NN www-sonatype-com-3567 355 364 from from IN www-sonatype-com-3567 355 365 OSS oss NN www-sonatype-com-3567 355 366 projects project NNS www-sonatype-com-3567 355 367 where where WRB www-sonatype-com-3567 355 368 each each DT www-sonatype-com-3567 355 369 developer developer NN www-sonatype-com-3567 355 370 or or CC
www-sonatype-com-3567 355 371 development development NN www-sonatype-com-3567 355 372 team team NN www-sonatype-com-3567 355 373 can can MD www-sonatype-com-3567 355 374 make make VB www-sonatype-com-3567 355 375 their -PRON- PRP$ www-sonatype-com-3567 355 376 own own JJ www-sonatype-com-3567 355 377 sourcing sourcing NN www-sonatype-com-3567 355 378 and and CC www-sonatype-com-3567 355 379 procurement procurement NN www-sonatype-com-3567 355 380 decisions decision NNS www-sonatype-com-3567 355 381 . . . www-sonatype-com-3567 356 1 Development development NN www-sonatype-com-3567 356 2 teams team NNS www-sonatype-com-3567 356 3 have have VBP www-sonatype-com-3567 356 4 an an DT www-sonatype-com-3567 356 5 inherent inherent JJ www-sonatype-com-3567 356 6 trust trust NN www-sonatype-com-3567 356 7 in in IN www-sonatype-com-3567 356 8 their -PRON- PRP$ www-sonatype-com-3567 356 9 OSS oss NN www-sonatype-com-3567 356 10 component component NN www-sonatype-com-3567 356 11 ’s ’s POS www-sonatype-com-3567 356 12 authenticity authenticity NN www-sonatype-com-3567 356 13 and and CC www-sonatype-com-3567 356 14 integrity integrity NN www-sonatype-com-3567 356 15 . . . 
www-sonatype-com-3567 357 1 Yet yet CC www-sonatype-com-3567 357 2 the the DT www-sonatype-com-3567 357 3 complexity complexity NN www-sonatype-com-3567 357 4 of of IN www-sonatype-com-3567 357 5 multi multi JJ www-sonatype-com-3567 357 6 - - JJ www-sonatype-com-3567 357 7 layered layered JJ www-sonatype-com-3567 357 8 open open JJ www-sonatype-com-3567 357 9 source source NN www-sonatype-com-3567 357 10 software software NN www-sonatype-com-3567 357 11 supply supply NN www-sonatype-com-3567 357 12 chains chain NNS www-sonatype-com-3567 357 13 can can MD www-sonatype-com-3567 357 14 obfuscate obfuscate VB www-sonatype-com-3567 357 15 risk risk NN www-sonatype-com-3567 357 16 for for IN www-sonatype-com-3567 357 17 those those DT www-sonatype-com-3567 357 18 seeking seek VBG www-sonatype-com-3567 357 19 to to TO www-sonatype-com-3567 357 20 avoid avoid VB www-sonatype-com-3567 357 21 it -PRON- PRP www-sonatype-com-3567 357 22 . . . www-sonatype-com-3567 358 1 Choosing choose VBG www-sonatype-com-3567 358 2 open open JJ www-sonatype-com-3567 358 3 source source NN www-sonatype-com-3567 358 4 projects project NNS www-sonatype-com-3567 358 5 should should MD www-sonatype-com-3567 358 6 be be VB www-sonatype-com-3567 358 7 considered consider VBN www-sonatype-com-3567 358 8 an an DT www-sonatype-com-3567 358 9 important important JJ www-sonatype-com-3567 358 10 strategic strategic JJ www-sonatype-com-3567 358 11 decision decision NN www-sonatype-com-3567 358 12 for for IN www-sonatype-com-3567 358 13 enterprise enterprise NN www-sonatype-com-3567 358 14 soft- soft- NN www-sonatype-com-3567 358 15 ware ware JJ www-sonatype-com-3567 358 16 development development NN www-sonatype-com-3567 358 17 organizations organization NNS www-sonatype-com-3567 358 18 . . . 
www-sonatype-com-3567 359 1 Just just RB www-sonatype-com-3567 359 2 as as IN www-sonatype-com-3567 359 3 traditional traditional JJ www-sonatype-com-3567 359 4 manufacturing manufacture VBG www-sonatype-com-3567 359 5 supply supply NN www-sonatype-com-3567 359 6 chains chain NNS www-sonatype-com-3567 359 7 intentionally intentionally RB www-sonatype-com-3567 359 8 select select VBP www-sonatype-com-3567 359 9 parts part NNS www-sonatype-com-3567 359 10 from from IN www-sonatype-com-3567 359 11 approved approve VBN www-sonatype-com-3567 359 12 suppliers supplier NNS www-sonatype-com-3567 359 13 and and CC www-sonatype-com-3567 359 14 rely rely VB www-sonatype-com-3567 359 15 upon upon IN www-sonatype-com-3567 359 16 formalized formalize VBN www-sonatype-com-3567 359 17 procurement procurement NN www-sonatype-com-3567 359 18 practices practice NNS www-sonatype-com-3567 359 19 — — : www-sonatype-com-3567 359 20 enterprise enterprise NN www-sonatype-com-3567 359 21 development development NN www-sonatype-com-3567 359 22 teams team NNS www-sonatype-com-3567 359 23 should should MD www-sonatype-com-3567 359 24 adopt adopt VB www-sonatype-com-3567 359 25 similar similar JJ www-sonatype-com-3567 359 26 criteria criterion NNS www-sonatype-com-3567 359 27 for for IN www-sonatype-com-3567 359 28 their -PRON- PRP$ www-sonatype-com-3567 359 29 selection selection NN www-sonatype-com-3567 359 30 of of IN www-sonatype-com-3567 359 31 OSS oss NN www-sonatype-com-3567 359 32 components component NNS www-sonatype-com-3567 359 33 to to TO www-sonatype-com-3567 359 34 ensure ensure VB www-sonatype-com-3567 359 35 the the DT www-sonatype-com-3567 359 36 highest high JJS www-sonatype-com-3567 359 37 quality quality NN www-sonatype-com-3567 359 38 parts part NNS www-sonatype-com-3567 359 39 are be VBP www-sonatype-com-3567 359 40 selected select VBN www-sonatype-com-3567 359 41 from from IN www-sonatype-com-3567 359 42 the the DT www-sonatype-com-3567 359 43 best good JJS 
www-sonatype-com-3567 359 44 and and CC www-sonatype-com-3567 359 45 fewest few JJS www-sonatype-com-3567 359 46 suppliers supplier NNS www-sonatype-com-3567 359 47 . . . www-sonatype-com-3567 360 1 As as IN www-sonatype-com-3567 360 2 Jim Jim NNP www-sonatype-com-3567 360 3 Zemlin Zemlin NNP www-sonatype-com-3567 360 4 , , , www-sonatype-com-3567 360 5 Executive Executive NNP www-sonatype-com-3567 360 6 Director Director NNP www-sonatype-com-3567 360 7 of of IN www-sonatype-com-3567 360 8 the the DT www-sonatype-com-3567 360 9 Linux Linux NNP www-sonatype-com-3567 360 10 Foundation Foundation NNP www-sonatype-com-3567 360 11 recently recently RB www-sonatype-com-3567 360 12 remarked remark VBD www-sonatype-com-3567 360 13 , , , www-sonatype-com-3567 360 14 “ " `` www-sonatype-com-3567 360 15 Open open JJ www-sonatype-com-3567 360 16 source source NN www-sonatype-com-3567 360 17 is be VBZ www-sonatype-com-3567 360 18 an an DT www-sonatype-com-3567 360 19 undeniable undeniable JJ www-sonatype-com-3567 360 20 and and CC www-sonatype-com-3567 360 21 critical critical JJ www-sonatype-com-3567 360 22 part part NN www-sonatype-com-3567 360 23 of of IN www-sonatype-com-3567 360 24 today today NN www-sonatype-com-3567 360 25 ’s ’s POS www-sonatype-com-3567 360 26 economy economy NN www-sonatype-com-3567 360 27 , , , www-sonatype-com-3567 360 28 providing provide VBG www-sonatype-com-3567 360 29 the the DT www-sonatype-com-3567 360 30 underpinnings underpinning NNS www-sonatype-com-3567 360 31 for for IN www-sonatype-com-3567 360 32 most most JJS www-sonatype-com-3567 360 33 of of IN www-sonatype-com-3567 360 34 our -PRON- PRP$ www-sonatype-com-3567 360 35 global global JJ www-sonatype-com-3567 360 36 commerce commerce NN www-sonatype-com-3567 360 37 . . . 
www-sonatype-com-3567 361 1 Hundreds hundred NNS www-sonatype-com-3567 361 2 of of IN www-sonatype-com-3567 361 3 thousands thousand NNS www-sonatype-com-3567 361 4 of of IN www-sonatype-com-3567 361 5 open open JJ www-sonatype-com-3567 361 6 source source NN www-sonatype-com-3567 361 7 software software NN www-sonatype-com-3567 361 8 packages package NNS www-sonatype-com-3567 361 9 are be VBP www-sonatype-com-3567 361 10 in in IN www-sonatype-com-3567 361 11 production production NN www-sonatype-com-3567 361 12 applications application NNS www-sonatype-com-3567 361 13 throughout throughout IN www-sonatype-com-3567 361 14 the the DT www-sonatype-com-3567 361 15 supply supply NN www-sonatype-com-3567 361 16 chain chain NN www-sonatype-com-3567 361 17 , , , www-sonatype-com-3567 361 18 so so CC www-sonatype-com-3567 361 19 understanding understand VBG www-sonatype-com-3567 361 20 what what WP www-sonatype-com-3567 361 21 we -PRON- PRP www-sonatype-com-3567 361 22 need need VBP www-sonatype-com-3567 361 23 to to TO www-sonatype-com-3567 361 24 be be VB www-sonatype-com-3567 361 25 assessing assess VBG www-sonatype-com-3567 361 26 for for IN www-sonatype-com-3567 361 27 vulnerabilities vulnerability NNS www-sonatype-com-3567 361 28 is be VBZ www-sonatype-com-3567 361 29 the the DT www-sonatype-com-3567 361 30 first first JJ www-sonatype-com-3567 361 31 step step NN www-sonatype-com-3567 361 32 for for IN www-sonatype-com-3567 361 33 ensuring ensure VBG www-sonatype-com-3567 361 34 long long JJ www-sonatype-com-3567 361 35 - - HYPH www-sonatype-com-3567 361 36 term term NN www-sonatype-com-3567 361 37 security security NN www-sonatype-com-3567 361 38 and and CC www-sonatype-com-3567 361 39 sustainability sustainability NN www-sonatype-com-3567 361 40 of of IN www-sonatype-com-3567 361 41 open open JJ www-sonatype-com-3567 361 42 source source NN www-sonatype-com-3567 361 43 software software NN www-sonatype-com-3567 361 44 . . . 
www-sonatype-com-3567 361 45 ”33 ”33 VB www-sonatype-com-3567 361 46 1 1 CD www-sonatype-com-3567 361 47 in in IN www-sonatype-com-3567 361 48 10 10 CD www-sonatype-com-3567 361 49 OSS oss NN www-sonatype-com-3567 361 50 Downloads download NNS www-sonatype-com-3567 361 51 Are be VBP www-sonatype-com-3567 361 52 Vulnerable vulnerable JJ www-sonatype-com-3567 361 53 To to TO www-sonatype-com-3567 361 54 better well RBR www-sonatype-com-3567 361 55 understand understand VB www-sonatype-com-3567 361 56 how how WRB www-sonatype-com-3567 361 57 defective defective JJ www-sonatype-com-3567 361 58 and and CC www-sonatype-com-3567 361 59 known know VBN www-sonatype-com-3567 361 60 vul- vul- DT www-sonatype-com-3567 361 61 nerable nerable JJ www-sonatype-com-3567 361 62 component component NN www-sonatype-com-3567 361 63 releases release NNS www-sonatype-com-3567 361 64 flow flow VBP www-sonatype-com-3567 361 65 through through IN www-sonatype-com-3567 361 66 software software NN www-sonatype-com-3567 361 67 supply supply NN www-sonatype-com-3567 361 68 chains chain NNS www-sonatype-com-3567 361 69 , , , www-sonatype-com-3567 361 70 we -PRON- PRP www-sonatype-com-3567 361 71 first first RB www-sonatype-com-3567 361 72 have have VBP www-sonatype-com-3567 361 73 to to TO www-sonatype-com-3567 361 74 look look VB www-sonatype-com-3567 361 75 at at IN www-sonatype-com-3567 361 76 public public JJ www-sonatype-com-3567 361 77 open open JJ www-sonatype-com-3567 361 78 source source NN www-sonatype-com-3567 361 79 repositories repository NNS www-sonatype-com-3567 361 80 ( ( -LRB- www-sonatype-com-3567 361 81 e.g. e.g. RB www-sonatype-com-3567 361 82 , , , www-sonatype-com-3567 361 83 Maven Maven NNP www-sonatype-com-3567 361 84 Central Central NNP www-sonatype-com-3567 361 85 , , , www-sonatype-com-3567 361 86 npmjs npmjs JJ www-sonatype-com-3567 361 87 . . . 
www-sonatype-com-3567 362 1 org org NNP www-sonatype-com-3567 362 2 , , , www-sonatype-com-3567 362 3 RubyGems.org RubyGems.org NNP www-sonatype-com-3567 362 4 , , , www-sonatype-com-3567 362 5 NuGet NuGet NNP www-sonatype-com-3567 362 6 Gallery Gallery NNP www-sonatype-com-3567 362 7 ) ) -RRB- www-sonatype-com-3567 362 8 . . . www-sonatype-com-3567 363 1 Developers developer NNS www-sonatype-com-3567 363 2 download download VBP www-sonatype-com-3567 363 3 free free JJ www-sonatype-com-3567 363 4 open open JJ www-sonatype-com-3567 363 5 source source NN www-sonatype-com-3567 363 6 component component NN www-sonatype-com-3567 363 7 releases release NNS www-sonatype-com-3567 363 8 from from IN www-sonatype-com-3567 363 9 these these DT www-sonatype-com-3567 363 10 internet internet NN www-sonatype-com-3567 363 11 - - HYPH www-sonatype-com-3567 363 12 based base VBN www-sonatype-com-3567 363 13 code code NN www-sonatype-com-3567 363 14 warehouses warehouse NNS www-sonatype-com-3567 363 15 in in IN www-sonatype-com-3567 363 16 order order NN www-sonatype-com-3567 363 17 to to TO www-sonatype-com-3567 363 18 build build VB www-sonatype-com-3567 363 19 their -PRON- PRP$ www-sonatype-com-3567 363 20 applications application NNS www-sonatype-com-3567 363 21 . . . 
www-sonatype-com-3567 364 1 For for IN www-sonatype-com-3567 364 2 the the DT www-sonatype-com-3567 364 3 past past JJ www-sonatype-com-3567 364 4 seven seven CD www-sonatype-com-3567 364 5 years year NNS www-sonatype-com-3567 364 6 Sonatype Sonatype NNP www-sonatype-com-3567 364 7 has have VBZ www-sonatype-com-3567 364 8 analyzed analyze VBN www-sonatype-com-3567 364 9 the the DT www-sonatype-com-3567 364 10 patterns pattern NNS www-sonatype-com-3567 364 11 and and CC www-sonatype-com-3567 364 12 practices practice NNS www-sonatype-com-3567 364 13 associated associate VBN www-sonatype-com-3567 364 14 with with IN www-sonatype-com-3567 364 15 Java Java NNP www-sonatype-com-3567 364 16 components component NNS www-sonatype-com-3567 364 17 being be VBG www-sonatype-com-3567 364 18 downloaded download VBN www-sonatype-com-3567 364 19 from from IN www-sonatype-com-3567 364 20 The the DT www-sonatype-com-3567 364 21 Central Central NNP www-sonatype-com-3567 364 22 Repository Repository NNP www-sonatype-com-3567 364 23 ( ( -LRB- www-sonatype-com-3567 364 24 FIGURE FIGURE NNP www-sonatype-com-3567 364 25 5B 5b NN www-sonatype-com-3567 364 26 ) ) -RRB- www-sonatype-com-3567 364 27 . . . www-sonatype-com-3567 365 1 In in IN www-sonatype-com-3567 365 2 2019 2019 CD www-sonatype-com-3567 365 3 , , , www-sonatype-com-3567 365 4 10.4 10.4 CD www-sonatype-com-3567 365 5 % % NN www-sonatype-com-3567 365 6 of of IN www-sonatype-com-3567 365 7 the the DT www-sonatype-com-3567 365 8 billions billion NNS www-sonatype-com-3567 365 9 of of IN www-sonatype-com-3567 365 10 downloads download NNS www-sonatype-com-3567 365 11 had have VBD www-sonatype-com-3567 365 12 at at RB www-sonatype-com-3567 365 13 least least RBS www-sonatype-com-3567 365 14 one one CD www-sonatype-com-3567 365 15 known know VBN www-sonatype-com-3567 365 16 vulnerability vulnerability NN www-sonatype-com-3567 365 17 . . . 
www-sonatype-com-3567 365 18 ’ ' '' www-sonatype-com-3567 365 19 Furthermore furthermore RB www-sonatype-com-3567 365 20 , , , www-sonatype-com-3567 365 21 research research NN www-sonatype-com-3567 365 22 from from IN www-sonatype-com-3567 365 23 the the DT www-sonatype-com-3567 365 24 University University NNP www-sonatype-com-3567 365 25 of of IN www-sonatype-com-3567 365 26 Darmstadt Darmstadt NNP www-sonatype-com-3567 365 27 published publish VBN www-sonatype-com-3567 365 28 in in IN www-sonatype-com-3567 365 29 August August NNP www-sonatype-com-3567 365 30 2019 2019 CD www-sonatype-com-3567 365 31 revealed reveal VBD www-sonatype-com-3567 365 32 that that IN www-sonatype-com-3567 365 33 nearly nearly RB www-sonatype-com-3567 365 34 40 40 CD www-sonatype-com-3567 365 35 % % NN www-sonatype-com-3567 365 36 of of IN www-sonatype-com-3567 365 37 all all DT www-sonatype-com-3567 365 38 npm npm NN www-sonatype-com-3567 365 39 packages package NNS www-sonatype-com-3567 365 40 rely rely VBP www-sonatype-com-3567 365 41 on on IN www-sonatype-com-3567 365 42 code code NN www-sonatype-com-3567 365 43 with with IN www-sonatype-com-3567 365 44 known know VBN www-sonatype-com-3567 365 45 vulnerabilities vulnerability NNS www-sonatype-com-3567 365 46 . . . 
www-sonatype-com-3567 366 1 Perhaps perhaps RB www-sonatype-com-3567 366 2 even even RB www-sonatype-com-3567 366 3 more more JJR www-sonatype-com-3567 366 4 con- con- NN www-sonatype-com-3567 366 5 cerning cerning NN www-sonatype-com-3567 366 6 is be VBZ www-sonatype-com-3567 366 7 that that IN www-sonatype-com-3567 366 8 66 66 CD www-sonatype-com-3567 366 9 % % NN www-sonatype-com-3567 366 10 of of IN www-sonatype-com-3567 366 11 security security NN www-sonatype-com-3567 366 12 vulnerabilities vulnerability NNS www-sonatype-com-3567 366 13 in in IN www-sonatype-com-3567 366 14 npm npm NN www-sonatype-com-3567 366 15 packages package NNS www-sonatype-com-3567 366 16 remain remain VBP www-sonatype-com-3567 366 17 unpatched unpatched JJ www-sonatype-com-3567 366 18 , , , www-sonatype-com-3567 366 19 leaving leave VBG www-sonatype-com-3567 366 20 developers developer NNS www-sonatype-com-3567 366 21 who who WP www-sonatype-com-3567 366 22 want want VBP www-sonatype-com-3567 366 23 to to TO www-sonatype-com-3567 366 24 use use VB www-sonatype-com-3567 366 25 secure secure JJ www-sonatype-com-3567 366 26 packages package NNS www-sonatype-com-3567 366 27 with with IN www-sonatype-com-3567 366 28 no no DT www-sonatype-com-3567 366 29 safe safe JJ www-sonatype-com-3567 366 30 alternatives.34 alternatives.34 NNP www-sonatype-com-3567 366 31 OSS OSS NNP www-sonatype-com-3567 366 32 Project Project NNP www-sonatype-com-3567 366 33 OSS OSS NNP www-sonatype-com-3567 366 34 Project Project NNP www-sonatype-com-3567 366 35 OSS OSS NNP www-sonatype-com-3567 366 36 Project Project NNP www-sonatype-com-3567 366 37 OSS OSS NNP www-sonatype-com-3567 366 38 Project Project NNP www-sonatype-com-3567 366 39 OSS OSS NNP www-sonatype-com-3567 366 40 Project Project NNP www-sonatype-com-3567 366 41 OSS OSS NNP www-sonatype-com-3567 366 42 Project Project NNP www-sonatype-com-3567 366 43 OSS OSS NNP www-sonatype-com-3567 366 44 Project Project NNP www-sonatype-com-3567 366 45 OSS OSS NNP 
www-sonatype-com-3567 366 46 Project Project NNP www-sonatype-com-3567 366 47 OSS OSS NNP www-sonatype-com-3567 366 48 Project Project NNP www-sonatype-com-3567 366 49 Contract Contract NNP www-sonatype-com-3567 366 50 Developer Developer NNP www-sonatype-com-3567 366 51 System System NNP www-sonatype-com-3567 366 52 Integrator Integrator NNP www-sonatype-com-3567 366 53 Reduction Reduction NNP www-sonatype-com-3567 366 54 of of IN www-sonatype-com-3567 366 55 Visibility Visibility NNP www-sonatype-com-3567 366 56 , , , www-sonatype-com-3567 366 57 Awareness Awareness NNP www-sonatype-com-3567 366 58 , , , www-sonatype-com-3567 366 59 and and CC www-sonatype-com-3567 366 60 Control Control NNP www-sonatype-com-3567 366 61 OSS OSS NNP www-sonatype-com-3567 366 62 Project Project NNP www-sonatype-com-3567 366 63 OSS OSS NNP www-sonatype-com-3567 366 64 Project Project NNP www-sonatype-com-3567 366 65 OSS OSS NNP www-sonatype-com-3567 366 66 Project Project NNP www-sonatype-com-3567 366 67 OSS OSS NNP www-sonatype-com-3567 366 68 Project Project NNP www-sonatype-com-3567 366 69 Organization Organization NNP www-sonatype-com-3567 366 70 Development Development NNP www-sonatype-com-3567 366 71 ’s ’s POS www-sonatype-com-3567 366 72 Visibility Visibility NNP www-sonatype-com-3567 366 73 , , , www-sonatype-com-3567 366 74 Awareness Awareness NNP www-sonatype-com-3567 366 75 , , , www-sonatype-com-3567 366 76 and and CC www-sonatype-com-3567 366 77 Control Control NNP www-sonatype-com-3567 366 78 of of IN www-sonatype-com-3567 366 79 its -PRON- PRP$ www-sonatype-com-3567 366 80 Software Software NNP www-sonatype-com-3567 366 81 Supply Supply NNP www-sonatype-com-3567 366 82 Chain chain NN www-sonatype-com-3567 366 83 FIGURE figure VBP www-sonatype-com-3567 366 84 5A 5a NN www-sonatype-com-3567 366 85 Development development NN www-sonatype-com-3567 366 86 ’s ’s POS www-sonatype-com-3567 366 87 Visibility Visibility NNP www-sonatype-com-3567 366 88 , , , 
www-sonatype-com-3567 366 89 Awareness Awareness NNP www-sonatype-com-3567 366 90 and and CC www-sonatype-com-3567 366 91 Control Control NNP www-sonatype-com-3567 366 92 of of IN www-sonatype-com-3567 366 93 its -PRON- PRP$ www-sonatype-com-3567 366 94 Software Software NNP www-sonatype-com-3567 366 95 Supply Supply NNP www-sonatype-com-3567 366 96 Chain Chain NNP www-sonatype-com-3567 366 97 2013 2013 CD www-sonatype-com-3567 366 98 2014 2014 CD www-sonatype-com-3567 366 99 2015 2015 CD www-sonatype-com-3567 366 100 2016 2016 CD www-sonatype-com-3567 366 101 2017 2017 CD www-sonatype-com-3567 366 102 2018 2018 CD www-sonatype-com-3567 366 103 2019 2019 CD www-sonatype-com-3567 366 104 Percentage Percentage NNP www-sonatype-com-3567 366 105 of of IN www-sonatype-com-3567 366 106 downloads download NNS www-sonatype-com-3567 366 107 with with IN www-sonatype-com-3567 366 108 known know VBN www-sonatype-com-3567 366 109 vulnerabilities vulnerability NNS www-sonatype-com-3567 366 110 5.4 5.4 CD www-sonatype-com-3567 366 111 % % NN www-sonatype-com-3567 366 112 6.2 6.2 CD www-sonatype-com-3567 366 113 % % NN www-sonatype-com-3567 366 114 6.1 6.1 CD www-sonatype-com-3567 366 115 % % NN www-sonatype-com-3567 366 116 5.5 5.5 CD www-sonatype-com-3567 366 117 % % NN www-sonatype-com-3567 366 118 12.1 12.1 CD www-sonatype-com-3567 366 119 % % NN www-sonatype-com-3567 366 120 10.3 10.3 CD www-sonatype-com-3567 366 121 % % NN www-sonatype-com-3567 366 122 10.4 10.4 CD www-sonatype-com-3567 366 123 % % NN www-sonatype-com-3567 366 124 FIGURE FIGURE NNP www-sonatype-com-3567 366 125 5B 5b JJ www-sonatype-com-3567 366 126 322020 322020 CD www-sonatype-com-3567 366 127 STATE STATE NNP www-sonatype-com-3567 366 128 OF of IN www-sonatype-com-3567 366 129 THE the DT www-sonatype-com-3567 366 130 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 366 131 SUPPLY supply NN www-sonatype-com-3567 366 132 CHAIN chain NN www-sonatype-com-3567 366 133 REPORT report NN www-sonatype-com-3567 366 134 
C c NN www-sonatype-com-3567 366 135 H h NN www-sonatype-com-3567 366 136 A a NN www-sonatype-com-3567 366 137 P p NN www-sonatype-com-3567 366 138 T t NN www-sonatype-com-3567 366 139 E e NN www-sonatype-com-3567 366 140 R r NN www-sonatype-com-3567 366 141 5 5 CD www-sonatype-com-3567 366 142 : : : www-sonatype-com-3567 366 143 T t NN www-sonatype-com-3567 366 144 H h NN www-sonatype-com-3567 366 145 E e NN www-sonatype-com-3567 366 146 T t NN www-sonatype-com-3567 366 147 R r NN www-sonatype-com-3567 366 148 U u NN www-sonatype-com-3567 366 149 S s NN www-sonatype-com-3567 366 150 T t NN www-sonatype-com-3567 366 151 A a NN www-sonatype-com-3567 366 152 N n NN www-sonatype-com-3567 366 153 D d NN www-sonatype-com-3567 366 154 I i NN www-sonatype-com-3567 366 155 N n NN www-sonatype-com-3567 366 156 T t NN www-sonatype-com-3567 366 157 E e NN www-sonatype-com-3567 366 158 G g NN www-sonatype-com-3567 366 159 R r NN www-sonatype-com-3567 366 160 IT it NN www-sonatype-com-3567 366 161 Y y NN www-sonatype-com-3567 366 162 O o NN www-sonatype-com-3567 366 163 F f NN www-sonatype-com-3567 366 164 S s NN www-sonatype-com-3567 366 165 O o NN www-sonatype-com-3567 366 166 F f NN www-sonatype-com-3567 366 167 T T NNP www-sonatype-com-3567 366 168 W w NN www-sonatype-com-3567 366 169 A a NN www-sonatype-com-3567 366 170 R r NN www-sonatype-com-3567 366 171 E e NN www-sonatype-com-3567 366 172 S s NN www-sonatype-com-3567 366 173 U u NN www-sonatype-com-3567 366 174 P p NN www-sonatype-com-3567 366 175 P p NN www-sonatype-com-3567 366 176 LY ly NN www-sonatype-com-3567 366 177 C c NN www-sonatype-com-3567 366 178 H h NN www-sonatype-com-3567 366 179 A a NN www-sonatype-com-3567 366 180 IN in NN www-sonatype-com-3567 366 181 S s NN www-sonatype-com-3567 366 182 Enterprises enterprise NNS www-sonatype-com-3567 366 183 Rely rely VBP www-sonatype-com-3567 366 184 on on IN www-sonatype-com-3567 366 185 Code Code NNP www-sonatype-com-3567 366 186 From from IN 
www-sonatype-com-3567 366 187 3,500 3,500 CD www-sonatype-com-3567 366 188 Suppliers Suppliers NNPS www-sonatype-com-3567 366 189 , , , www-sonatype-com-3567 366 190 But but CC www-sonatype-com-3567 366 191 Quality Quality NNP www-sonatype-com-3567 366 192 Varies Varies NNPS www-sonatype-com-3567 366 193 Developers Developers NNPS www-sonatype-com-3567 366 194 build build VBP www-sonatype-com-3567 366 195 applications application NNS www-sonatype-com-3567 366 196 with with IN www-sonatype-com-3567 366 197 someone someone NN www-sonatype-com-3567 366 198 else else RB www-sonatype-com-3567 366 199 ’s ’s POS www-sonatype-com-3567 366 200 code code NN www-sonatype-com-3567 366 201 . . . www-sonatype-com-3567 367 1 Our -PRON- PRP$ www-sonatype-com-3567 367 2 study study NN www-sonatype-com-3567 367 3 of of IN www-sonatype-com-3567 367 4 15,000 15,000 CD www-sonatype-com-3567 367 5 enterprise enterprise NN www-sonatype-com-3567 367 6 software software NN www-sonatype-com-3567 367 7 development development NN www-sonatype-com-3567 367 8 organizations organization NNS www-sonatype-com-3567 367 9 revealed reveal VBD www-sonatype-com-3567 367 10 an an DT www-sonatype-com-3567 367 11 average average NN www-sonatype-com-3567 367 12 of of IN www-sonatype-com-3567 367 13 373,000 373,000 CD www-sonatype-com-3567 367 14 open open JJ www-sonatype-com-3567 367 15 source source NN www-sonatype-com-3567 367 16 component component NN www-sonatype-com-3567 367 17 downloads download NNS www-sonatype-com-3567 367 18 annually annually RB www-sonatype-com-3567 367 19 . . . 
www-sonatype-com-3567 368 1 The the DT www-sonatype-com-3567 368 2 downloads download NNS www-sonatype-com-3567 368 3 represent represent VBP www-sonatype-com-3567 368 4 an an DT www-sonatype-com-3567 368 5 average average NN www-sonatype-com-3567 368 6 of of IN www-sonatype-com-3567 368 7 3,552 3,552 CD www-sonatype-com-3567 368 8 OSS oss NN www-sonatype-com-3567 368 9 projects project NNS www-sonatype-com-3567 368 10 — — : www-sonatype-com-3567 368 11 the the DT www-sonatype-com-3567 368 12 external external JJ www-sonatype-com-3567 368 13 supplier supplier NN www-sonatype-com-3567 368 14 network network NN www-sonatype-com-3567 368 15 for for IN www-sonatype-com-3567 368 16 code code NN www-sonatype-com-3567 368 17 serving serve VBG www-sonatype-com-3567 368 18 modern modern JJ www-sonatype-com-3567 368 19 enterprise enterprise NN www-sonatype-com-3567 368 20 development development NN www-sonatype-com-3567 368 21 . . . www-sonatype-com-3567 369 1 These these DT www-sonatype-com-3567 369 2 downloads download NNS www-sonatype-com-3567 369 3 represent represent VBP www-sonatype-com-3567 369 4 11,294 11,294 CD www-sonatype-com-3567 369 5 component component NN www-sonatype-com-3567 369 6 releases release NNS www-sonatype-com-3567 369 7 from from IN www-sonatype-com-3567 369 8 those those DT www-sonatype-com-3567 369 9 projects project NNS www-sonatype-com-3567 369 10 . . . 
www-sonatype-com-3567 370 1 Further further JJ www-sonatype-com-3567 370 2 analysis analysis NN www-sonatype-com-3567 370 3 of of IN www-sonatype-com-3567 370 4 downloads download NNS www-sonatype-com-3567 370 5 from from IN www-sonatype-com-3567 370 6 those those DT www-sonatype-com-3567 370 7 organiza- organiza- JJ www-sonatype-com-3567 370 8 tions tion NNS www-sonatype-com-3567 370 9 reveals reveal VBZ www-sonatype-com-3567 370 10 that that IN www-sonatype-com-3567 370 11 30,862 30,862 CD www-sonatype-com-3567 370 12 ( ( -LRB- www-sonatype-com-3567 370 13 8.3 8.3 CD www-sonatype-com-3567 370 14 % % NN www-sonatype-com-3567 370 15 ) ) -RRB- www-sonatype-com-3567 370 16 included include VBD www-sonatype-com-3567 370 17 at at IN www-sonatype-com-3567 370 18 least least RBS www-sonatype-com-3567 370 19 one one CD www-sonatype-com-3567 370 20 known know VBN www-sonatype-com-3567 370 21 security security NN www-sonatype-com-3567 370 22 vulnerability vulnerability NN www-sonatype-com-3567 370 23 . . . www-sonatype-com-3567 371 1 Just just RB www-sonatype-com-3567 371 2 as as RB www-sonatype-com-3567 371 3 well well RB www-sonatype-com-3567 371 4 , , , www-sonatype-com-3567 371 5 not not RB www-sonatype-com-3567 371 6 all all DT www-sonatype-com-3567 371 7 security security NN www-sonatype-com-3567 371 8 vulnerabilities vulnerability NNS www-sonatype-com-3567 371 9 are be VBP www-sonatype-com-3567 371 10 created create VBN www-sonatype-com-3567 371 11 equal equal JJ www-sonatype-com-3567 371 12 . . . 
www-sonatype-com-3567 372 1 Of of IN www-sonatype-com-3567 372 2 the the DT www-sonatype-com-3567 372 3 30,862 30,862 CD www-sonatype-com-3567 372 4 vulnerable vulnerable JJ www-sonatype-com-3567 372 5 downloads download NNS www-sonatype-com-3567 372 6 , , , www-sonatype-com-3567 372 7 68 68 CD www-sonatype-com-3567 372 8 % % NN www-sonatype-com-3567 372 9 had have VBD www-sonatype-com-3567 372 10 Common common JJ www-sonatype-com-3567 372 11 Vulnerability vulnerability NN www-sonatype-com-3567 372 12 Scoring Scoring NNP www-sonatype-com-3567 372 13 System System NNP www-sonatype-com-3567 372 14 ( ( -LRB- www-sonatype-com-3567 372 15 CVSS CVSS NNP www-sonatype-com-3567 372 16 ) ) -RRB- www-sonatype-com-3567 372 17 at at IN www-sonatype-com-3567 372 18 7.0 7.0 CD www-sonatype-com-3567 372 19 or or CC www-sonatype-com-3567 372 20 above above RB www-sonatype-com-3567 372 21 on on IN www-sonatype-com-3567 372 22 a a DT www-sonatype-com-3567 372 23 10 10 CD www-sonatype-com-3567 372 24 point point NN www-sonatype-com-3567 372 25 scale scale NN www-sonatype-com-3567 372 26 . . . www-sonatype-com-3567 373 1 Thirty thirty CD www-sonatype-com-3567 373 2 percent percent NN www-sonatype-com-3567 373 3 ( ( -LRB- www-sonatype-com-3567 373 4 30 30 CD www-sonatype-com-3567 373 5 % % NN www-sonatype-com-3567 373 6 ) ) -RRB- www-sonatype-com-3567 373 7 had have VBD www-sonatype-com-3567 373 8 CVSS CVSS NNP www-sonatype-com-3567 373 9 scores score NNS www-sonatype-com-3567 373 10 above above IN www-sonatype-com-3567 373 11 9.0 9.0 CD www-sonatype-com-3567 373 12 on on IN www-sonatype-com-3567 373 13 a a DT www-sonatype-com-3567 373 14 10 10 CD www-sonatype-com-3567 373 15 point point NN www-sonatype-com-3567 373 16 scale scale NN www-sonatype-com-3567 373 17 . . . 
www-sonatype-com-3567 374 1 Minor minor JJ www-sonatype-com-3567 374 2 fluctu- fluctu- JJ www-sonatype-com-3567 374 3 ations ation NNS www-sonatype-com-3567 374 4 in in IN www-sonatype-com-3567 374 5 the the DT www-sonatype-com-3567 374 6 percentage percentage NN www-sonatype-com-3567 374 7 of of IN www-sonatype-com-3567 374 8 vulnerable vulnerable JJ www-sonatype-com-3567 374 9 downloads download NNS www-sonatype-com-3567 374 10 were be VBD www-sonatype-com-3567 374 11 seen see VBN www-sonatype-com-3567 374 12 on on IN www-sonatype-com-3567 374 13 a a DT www-sonatype-com-3567 374 14 country country NN www-sonatype-com-3567 374 15 by by IN www-sonatype-com-3567 374 16 country country NN www-sonatype-com-3567 374 17 basis basis NN www-sonatype-com-3567 374 18 : : : www-sonatype-com-3567 374 19 United United NNP www-sonatype-com-3567 374 20 States States NNP www-sonatype-com-3567 374 21 ( ( -LRB- www-sonatype-com-3567 374 22 8.6 8.6 CD www-sonatype-com-3567 374 23 % % NN www-sonatype-com-3567 374 24 ) ) -RRB- www-sonatype-com-3567 374 25 , , , www-sonatype-com-3567 374 26 France France NNP www-sonatype-com-3567 374 27 ( ( -LRB- www-sonatype-com-3567 374 28 8.3 8.3 CD www-sonatype-com-3567 374 29 % % NN www-sonatype-com-3567 374 30 ) ) -RRB- www-sonatype-com-3567 374 31 , , , www-sonatype-com-3567 374 32 United United NNP www-sonatype-com-3567 374 33 Kingdom Kingdom NNP www-sonatype-com-3567 374 34 ( ( -LRB- www-sonatype-com-3567 374 35 8.6 8.6 CD www-sonatype-com-3567 374 36 % % NN www-sonatype-com-3567 374 37 ) ) -RRB- www-sonatype-com-3567 374 38 , , , www-sonatype-com-3567 374 39 and and CC www-sonatype-com-3567 374 40 Germany Germany NNP www-sonatype-com-3567 374 41 ( ( -LRB- www-sonatype-com-3567 374 42 7.81 7.81 CD www-sonatype-com-3567 374 43 % % NN www-sonatype-com-3567 374 44 ) ) -RRB- www-sonatype-com-3567 374 45 . . . 
www-sonatype-com-3567 375 1 OSS oss NN www-sonatype-com-3567 375 2 Components component NNS www-sonatype-com-3567 375 3 Make make VBP www-sonatype-com-3567 375 4 Up up RP www-sonatype-com-3567 375 5 90 90 CD www-sonatype-com-3567 375 6 % % NN www-sonatype-com-3567 375 7 of of IN www-sonatype-com-3567 375 8 a a DT www-sonatype-com-3567 375 9 Modern Modern NNP www-sonatype-com-3567 375 10 Application Application NNP www-sonatype-com-3567 375 11 Just just RB www-sonatype-com-3567 375 12 because because IN www-sonatype-com-3567 375 13 a a DT www-sonatype-com-3567 375 14 developer developer NN www-sonatype-com-3567 375 15 downloaded download VBD www-sonatype-com-3567 375 16 a a DT www-sonatype-com-3567 375 17 compo- compo- NN www-sonatype-com-3567 375 18 nent nent NN www-sonatype-com-3567 375 19 does do VBZ www-sonatype-com-3567 375 20 not not RB www-sonatype-com-3567 375 21 mean mean VB www-sonatype-com-3567 375 22 that that IN www-sonatype-com-3567 375 23 it -PRON- PRP www-sonatype-com-3567 375 24 was be VBD www-sonatype-com-3567 375 25 used use VBN www-sonatype-com-3567 375 26 in in IN www-sonatype-com-3567 375 27 an an DT www-sonatype-com-3567 375 28 applica- applica- JJ www-sonatype-com-3567 375 29 tion tion NN www-sonatype-com-3567 375 30 . . . 
www-sonatype-com-3567 376 1 To to TO www-sonatype-com-3567 376 2 better well RBR www-sonatype-com-3567 376 3 understand understand VB www-sonatype-com-3567 376 4 how how WRB www-sonatype-com-3567 376 5 many many JJ www-sonatype-com-3567 376 6 open open JJ www-sonatype-com-3567 376 7 source source NN www-sonatype-com-3567 376 8 components component NNS www-sonatype-com-3567 376 9 were be VBD www-sonatype-com-3567 376 10 used use VBN www-sonatype-com-3567 376 11 by by IN www-sonatype-com-3567 376 12 developers developer NNS www-sonatype-com-3567 376 13 , , , www-sonatype-com-3567 376 14 we -PRON- PRP www-sonatype-com-3567 376 15 inves- inves- VBZ www-sonatype-com-3567 376 16 tigated tigate VBD www-sonatype-com-3567 376 17 and and CC www-sonatype-com-3567 376 18 analyzed analyze VBD www-sonatype-com-3567 376 19 1,700 1,700 CD www-sonatype-com-3567 376 20 applications application NNS www-sonatype-com-3567 376 21 for for IN www-sonatype-com-3567 376 22 this this DT www-sonatype-com-3567 376 23 year year NN www-sonatype-com-3567 376 24 ’s ’s POS www-sonatype-com-3567 376 25 report report NN www-sonatype-com-3567 376 26 . . . www-sonatype-com-3567 377 1 We -PRON- PRP www-sonatype-com-3567 377 2 found find VBD www-sonatype-com-3567 377 3 that that IN www-sonatype-com-3567 377 4 development development NN www-sonatype-com-3567 377 5 teams team NNS www-sonatype-com-3567 377 6 use use VBP www-sonatype-com-3567 377 7 an an DT www-sonatype-com-3567 377 8 average average NN www-sonatype-com-3567 377 9 of of IN www-sonatype-com-3567 377 10 135 135 CD www-sonatype-com-3567 377 11 software software NN www-sonatype-com-3567 377 12 components component NNS www-sonatype-com-3567 377 13 of of IN www-sonatype-com-3567 377 14 which which WDT www-sonatype-com-3567 377 15 90 90 CD www-sonatype-com-3567 377 16 % % NN www-sonatype-com-3567 377 17 are be VBP www-sonatype-com-3567 377 18 open open JJ www-sonatype-com-3567 377 19 source source NN www-sonatype-com-3567 377 20 . . . 
www-sonatype-com-3567 378 1 It -PRON- PRP www-sonatype-com-3567 378 2 was be VBD www-sonatype-com-3567 378 3 not not RB www-sonatype-com-3567 378 4 uncommon uncommon JJ www-sonatype-com-3567 378 5 to to TO www-sonatype-com-3567 378 6 see see VB www-sonatype-com-3567 378 7 applications application NNS www-sonatype-com-3567 378 8 assembled assemble VBN www-sonatype-com-3567 378 9 from from IN www-sonatype-com-3567 378 10 2,000 2,000 CD www-sonatype-com-3567 378 11 – – : www-sonatype-com-3567 378 12 4,000 4,000 CD www-sonatype-com-3567 378 13 OSS oss NN www-sonatype-com-3567 378 14 component component NN www-sonatype-com-3567 378 15 releases release NNS www-sonatype-com-3567 378 16 . . . www-sonatype-com-3567 379 1 Construct construct VB www-sonatype-com-3567 379 2 of of IN www-sonatype-com-3567 379 3 a a DT www-sonatype-com-3567 379 4 Modern Modern NNP www-sonatype-com-3567 379 5 Application Application NNP www-sonatype-com-3567 379 6 90 90 CD www-sonatype-com-3567 379 7 % % NN www-sonatype-com-3567 379 8 of of IN www-sonatype-com-3567 379 9 components component NNS www-sonatype-com-3567 379 10 in in IN www-sonatype-com-3567 379 11 an an DT www-sonatype-com-3567 379 12 application application NN www-sonatype-com-3567 379 13 are be VBP www-sonatype-com-3567 379 14 open open JJ www-sonatype-com-3567 379 15 source source NN www-sonatype-com-3567 379 16 . . . www-sonatype-com-3567 380 1 11 11 CD www-sonatype-com-3567 380 2 % % NN www-sonatype-com-3567 380 3 of of IN www-sonatype-com-3567 380 4 those those DT www-sonatype-com-3567 380 5 are be VBP www-sonatype-com-3567 380 6 known know VBN www-sonatype-com-3567 380 7 to to TO www-sonatype-com-3567 380 8 be be VB www-sonatype-com-3567 380 9 vulnerable vulnerable JJ www-sonatype-com-3567 380 10 . . . 
www-sonatype-com-3567 381 1 FIGURE FIGURE NNP www-sonatype-com-3567 381 2 5C 5c NN www-sonatype-com-3567 381 3 Construct construct NN www-sonatype-com-3567 381 4 of of IN www-sonatype-com-3567 381 5 a a DT www-sonatype-com-3567 381 6 Modern Modern NNP www-sonatype-com-3567 381 7 Application Application NNP www-sonatype-com-3567 381 8 2012 2012 CD www-sonatype-com-3567 381 9 2014 2014 CD www-sonatype-com-3567 381 10 20182013 20182013 CD www-sonatype-com-3567 381 11 2015 2015 CD www-sonatype-com-3567 381 12 454 454 CD www-sonatype-com-3567 381 13 8 8 CD www-sonatype-com-3567 381 14 2016 2016 CD www-sonatype-com-3567 381 15 2017 2017 CD www-sonatype-com-3567 381 16 221 221 CD www-sonatype-com-3567 381 17 25 25 CD www-sonatype-com-3567 381 18 252 252 CD www-sonatype-com-3567 381 19 29 29 CD www-sonatype-com-3567 381 20 626 626 CD www-sonatype-com-3567 381 21 29 29 CD www-sonatype-com-3567 381 22 236 236 CD www-sonatype-com-3567 381 23 25 25 CD www-sonatype-com-3567 381 24 560 560 CD www-sonatype-com-3567 381 25 27 27 CD www-sonatype-com-3567 381 26 590 590 CD www-sonatype-com-3567 381 27 17 17 CD www-sonatype-com-3567 381 28 Average average JJ www-sonatype-com-3567 381 29 OSS OSS NNP www-sonatype-com-3567 381 30 disclosed disclose VBN www-sonatype-com-3567 381 31 by by IN www-sonatype-com-3567 381 32 development development NN www-sonatype-com-3567 381 33 teams team NNS www-sonatype-com-3567 381 34 . . . www-sonatype-com-3567 382 1 Average average JJ www-sonatype-com-3567 382 2 OSS oss NN www-sonatype-com-3567 382 3 disclosed disclose VBN www-sonatype-com-3567 382 4 by by IN www-sonatype-com-3567 382 5 audit audit NN www-sonatype-com-3567 382 6 teams team NNS www-sonatype-com-3567 382 7 for for IN www-sonatype-com-3567 382 8 the the DT www-sonatype-com-3567 382 9 same same JJ www-sonatype-com-3567 382 10 projects project NNS www-sonatype-com-3567 382 11 . . . 
www-sonatype-com-3567 383 1 The the DT www-sonatype-com-3567 383 2 OSS oss NN www-sonatype-com-3567 383 3 Knowledge knowledge NN www-sonatype-com-3567 383 4 Gap Gap NNP www-sonatype-com-3567 383 5 Widens widen VBZ www-sonatype-com-3567 383 6 Over over IN www-sonatype-com-3567 383 7 Time Time NNP www-sonatype-com-3567 383 8 SOURCE SOURCE NNP www-sonatype-com-3567 383 9 : : : www-sonatype-com-3567 383 10 REVENERA REVENERA NNP www-sonatype-com-3567 383 11 , , , www-sonatype-com-3567 383 12 THE the DT www-sonatype-com-3567 383 13 MATURITY MATURITY NNP www-sonatype-com-3567 383 14 OF of IN www-sonatype-com-3567 383 15 OPEN OPEN NNP www-sonatype-com-3567 383 16 SOURCE SOURCE NNP www-sonatype-com-3567 383 17 SOFTWARE software NN www-sonatype-com-3567 383 18 FIGURE FIGURE NNS www-sonatype-com-3567 383 19 5D 5D VBZ www-sonatype-com-3567 383 20 The the DT www-sonatype-com-3567 383 21 OSS oss NN www-sonatype-com-3567 383 22 Knowledge knowledge NN www-sonatype-com-3567 383 23 Gap Gap NNP www-sonatype-com-3567 383 24 Widens widen VBZ www-sonatype-com-3567 383 25 Over over IN www-sonatype-com-3567 383 26 Time Time NNP www-sonatype-com-3567 383 27 SOURCE SOURCE NNP www-sonatype-com-3567 383 28 : : : www-sonatype-com-3567 383 29 Revenera Revenera NNP www-sonatype-com-3567 383 30 , , , www-sonatype-com-3567 383 31 The the DT www-sonatype-com-3567 383 32 Maturity Maturity NNP www-sonatype-com-3567 383 33 of of IN www-sonatype-com-3567 383 34 Open Open NNP www-sonatype-com-3567 383 35 Source Source NNP www-sonatype-com-3567 383 36 Software Software NNP www-sonatype-com-3567 383 37 332020 332020 CD www-sonatype-com-3567 383 38 STATE STATE NNP www-sonatype-com-3567 383 39 OF of IN www-sonatype-com-3567 383 40 THE the DT www-sonatype-com-3567 383 41 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 383 42 SUPPLY supply NN www-sonatype-com-3567 383 43 CHAIN chain NN www-sonatype-com-3567 383 44 REPORT report NN www-sonatype-com-3567 383 45 C c NN www-sonatype-com-3567 383 46 H h NN 
www-sonatype-com-3567 383 47 A a NN www-sonatype-com-3567 383 48 P p NN www-sonatype-com-3567 383 49 T t NN www-sonatype-com-3567 383 50 E e NN www-sonatype-com-3567 383 51 R r NN www-sonatype-com-3567 383 52 5 5 CD www-sonatype-com-3567 383 53 : : : www-sonatype-com-3567 383 54 T t NN www-sonatype-com-3567 383 55 H h NN www-sonatype-com-3567 383 56 E e NN www-sonatype-com-3567 383 57 T t NN www-sonatype-com-3567 383 58 R r NN www-sonatype-com-3567 383 59 U u NN www-sonatype-com-3567 383 60 S s NN www-sonatype-com-3567 383 61 T t NN www-sonatype-com-3567 383 62 A a NN www-sonatype-com-3567 383 63 N n NN www-sonatype-com-3567 383 64 D d NN www-sonatype-com-3567 383 65 I i NN www-sonatype-com-3567 383 66 N n NN www-sonatype-com-3567 383 67 T t NN www-sonatype-com-3567 383 68 E e NN www-sonatype-com-3567 383 69 G g NN www-sonatype-com-3567 383 70 R r NN www-sonatype-com-3567 383 71 IT it NN www-sonatype-com-3567 383 72 Y y NN www-sonatype-com-3567 383 73 O o NN www-sonatype-com-3567 383 74 F f NN www-sonatype-com-3567 383 75 S s NN www-sonatype-com-3567 383 76 O o NN www-sonatype-com-3567 383 77 F f NN www-sonatype-com-3567 383 78 T T NNP www-sonatype-com-3567 383 79 W w NN www-sonatype-com-3567 383 80 A a NN www-sonatype-com-3567 383 81 R r NN www-sonatype-com-3567 383 82 E e NN www-sonatype-com-3567 383 83 S s NN www-sonatype-com-3567 383 84 U u NN www-sonatype-com-3567 383 85 P p NN www-sonatype-com-3567 383 86 P p NN www-sonatype-com-3567 383 87 LY ly NN www-sonatype-com-3567 383 88 C c NN www-sonatype-com-3567 383 89 H h NN www-sonatype-com-3567 383 90 A a NN www-sonatype-com-3567 383 91 IN in NN www-sonatype-com-3567 383 92 S s NN www-sonatype-com-3567 383 93 Furthermore furthermore RB www-sonatype-com-3567 383 94 , , , www-sonatype-com-3567 383 95 11 11 CD www-sonatype-com-3567 383 96 % % NN www-sonatype-com-3567 383 97 of of IN www-sonatype-com-3567 383 98 the the DT www-sonatype-com-3567 383 99 open open JJ www-sonatype-com-3567 383 100 source source NN 
www-sonatype-com-3567 383 101 components component NNS www-sonatype-com-3567 383 102 had have VBD www-sonatype-com-3567 383 103 at at RB www-sonatype-com-3567 383 104 least least RBS www-sonatype-com-3567 383 105 one one CD www-sonatype-com-3567 383 106 known know VBN www-sonatype-com-3567 383 107 security security NN www-sonatype-com-3567 383 108 vulnerability vulnerability NN www-sonatype-com-3567 383 109 . . . www-sonatype-com-3567 384 1 On on IN www-sonatype-com-3567 384 2 average average JJ www-sonatype-com-3567 384 3 , , , www-sonatype-com-3567 384 4 the the DT www-sonatype-com-3567 384 5 applications application NNS www-sonatype-com-3567 384 6 contained contain VBD www-sonatype-com-3567 384 7 38 38 CD www-sonatype-com-3567 384 8 known know VBN www-sonatype-com-3567 384 9 vulnerabilities vulnerability NNS www-sonatype-com-3567 384 10 . . . www-sonatype-com-3567 385 1 While while IN www-sonatype-com-3567 385 2 any any DT www-sonatype-com-3567 385 3 developer developer NN www-sonatype-com-3567 385 4 knows know VBZ www-sonatype-com-3567 385 5 that that IN www-sonatype-com-3567 385 6 open open JJ www-sonatype-com-3567 385 7 source source NN www-sonatype-com-3567 385 8 components component NNS www-sonatype-com-3567 385 9 are be VBP www-sonatype-com-3567 385 10 used use VBN www-sonatype-com-3567 385 11 to to TO www-sonatype-com-3567 385 12 build build VB www-sonatype-com-3567 385 13 an an DT www-sonatype-com-3567 385 14 application application NN www-sonatype-com-3567 385 15 , , , www-sonatype-com-3567 385 16 the the DT www-sonatype-com-3567 385 17 enterprise enterprise NN www-sonatype-com-3567 385 18 does do VBZ www-sonatype-com-3567 385 19 not not RB www-sonatype-com-3567 385 20 carry carry VB www-sonatype-com-3567 385 21 the the DT www-sonatype-com-3567 385 22 same same JJ www-sonatype-com-3567 385 23 awareness awareness NN www-sonatype-com-3567 385 24 . . . 
www-sonatype-com-3567 386 1 An an DT www-sonatype-com-3567 386 2 analysis analysis NN www-sonatype-com-3567 386 3 of of IN www-sonatype-com-3567 386 4 open open JJ www-sonatype-com-3567 386 5 source source NN www-sonatype-com-3567 386 6 component component NN www-sonatype-com-3567 386 7 use use NN www-sonatype-com-3567 386 8 in in IN www-sonatype-com-3567 386 9 organizations organization NNS www-sonatype-com-3567 386 10 by by IN www-sonatype-com-3567 386 11 Revenera Revenera NNP www-sonatype-com-3567 386 12 is be VBZ www-sonatype-com-3567 386 13 telling tell VBG www-sonatype-com-3567 386 14 of of IN www-sonatype-com-3567 386 15 software software NN www-sonatype-com-3567 386 16 supply supply NN www-sonatype-com-3567 386 17 chain chain NN www-sonatype-com-3567 386 18 awareness awareness NN www-sonatype-com-3567 386 19 . . . www-sonatype-com-3567 387 1 In in IN www-sonatype-com-3567 387 2 2018 2018 CD www-sonatype-com-3567 387 3 , , , www-sonatype-com-3567 387 4 development development NN www-sonatype-com-3567 387 5 teams team NNS www-sonatype-com-3567 387 6 using use VBG www-sonatype-com-3567 387 7 open open JJ www-sonatype-com-3567 387 8 source source NN www-sonatype-com-3567 387 9 in in IN www-sonatype-com-3567 387 10 development development NN www-sonatype-com-3567 387 11 disclosed disclose VBD www-sonatype-com-3567 387 12 their -PRON- PRP$ www-sonatype-com-3567 387 13 awareness awareness NN www-sonatype-com-3567 387 14 of of IN www-sonatype-com-3567 387 15 29 29 CD www-sonatype-com-3567 387 16 OSS oss NN www-sonatype-com-3567 387 17 being be VBG www-sonatype-com-3567 387 18 used use VBN www-sonatype-com-3567 387 19 while while IN www-sonatype-com-3567 387 20 audits audits NN www-sonatype-com-3567 387 21 of of IN www-sonatype-com-3567 387 22 their -PRON- PRP$ www-sonatype-com-3567 387 23 environments environment NNS www-sonatype-com-3567 387 24 revealed reveal VBD www-sonatype-com-3567 387 25 626 626 CD www-sonatype-com-3567 387 26 components component NNS 
www-sonatype-com-3567 387 27 — — : www-sonatype-com-3567 387 28 a a DT www-sonatype-com-3567 387 29 22x 22x NNS www-sonatype-com-3567 387 30 difference difference NN www-sonatype-com-3567 387 31 ! ! . www-sonatype-com-3567 388 1 ( ( -LRB- www-sonatype-com-3567 388 2 FIGURE FIGURE NNP www-sonatype-com-3567 388 3 5D)35 5D)35 NNP www-sonatype-com-3567 388 4 21 21 CD www-sonatype-com-3567 388 5 % % NN www-sonatype-com-3567 388 6 of of IN www-sonatype-com-3567 388 7 Enterprises Enterprises NNP www-sonatype-com-3567 388 8 Experienced experience VBD www-sonatype-com-3567 388 9 Open Open NNP www-sonatype-com-3567 388 10 Source source NN www-sonatype-com-3567 388 11 Breaches breach VBZ www-sonatype-com-3567 388 12 According accord VBG www-sonatype-com-3567 388 13 to to IN www-sonatype-com-3567 388 14 the the DT www-sonatype-com-3567 388 15 X X NNP www-sonatype-com-3567 388 16 - - HYPH www-sonatype-com-3567 388 17 Force Force NNP www-sonatype-com-3567 388 18 Threat Threat NNP www-sonatype-com-3567 388 19 Intelligence Intelligence NNP www-sonatype-com-3567 388 20 Index Index NNP www-sonatype-com-3567 388 21 attacks attack VBZ www-sonatype-com-3567 388 22 on on IN www-sonatype-com-3567 388 23 known know VBN www-sonatype-com-3567 388 24 vulnerabilities vulnerability NNS www-sonatype-com-3567 388 25 increased increase VBD www-sonatype-com-3567 388 26 to to IN www-sonatype-com-3567 388 27 30 30 CD www-sonatype-com-3567 388 28 % % NN www-sonatype-com-3567 388 29 in in IN www-sonatype-com-3567 388 30 2019 2019 CD www-sonatype-com-3567 388 31 , , , www-sonatype-com-3567 388 32 up up RB www-sonatype-com-3567 388 33 from from IN www-sonatype-com-3567 388 34 8 8 CD www-sonatype-com-3567 388 35 % % NN www-sonatype-com-3567 388 36 the the DT www-sonatype-com-3567 388 37 previous previous JJ www-sonatype-com-3567 388 38 year.36 year.36 NNP www-sonatype-com-3567 388 39 Development Development NNP www-sonatype-com-3567 388 40 teams team NNS www-sonatype-com-3567 388 41 relying rely VBG 
www-sonatype-com-3567 388 42 on on IN www-sonatype-com-3567 388 43 open open JJ www-sonatype-com-3567 388 44 source source NN www-sonatype-com-3567 388 45 components component NNS www-sonatype-com-3567 388 46 that that WDT www-sonatype-com-3567 388 47 sometimes sometimes RB www-sonatype-com-3567 388 48 contain contain VBP www-sonatype-com-3567 388 49 known know VBN www-sonatype-com-3567 388 50 vulnerabilities vulnerability NNS www-sonatype-com-3567 388 51 were be VBD www-sonatype-com-3567 388 52 not not RB www-sonatype-com-3567 388 53 immune immune JJ www-sonatype-com-3567 388 54 to to IN www-sonatype-com-3567 388 55 these these DT www-sonatype-com-3567 388 56 attacks attack NNS www-sonatype-com-3567 388 57 . . . www-sonatype-com-3567 389 1 The the DT www-sonatype-com-3567 389 2 2020 2020 CD www-sonatype-com-3567 389 3 DevSecOps DevSecOps NNP www-sonatype-com-3567 389 4 Community Community NNP www-sonatype-com-3567 389 5 Survey Survey NNP www-sonatype-com-3567 389 6 of of IN www-sonatype-com-3567 389 7 over over IN www-sonatype-com-3567 389 8 5,000 5,000 CD www-sonatype-com-3567 389 9 development development NN www-sonatype-com-3567 389 10 professionals professional NNS www-sonatype-com-3567 389 11 revealed reveal VBD www-sonatype-com-3567 389 12 that that IN www-sonatype-com-3567 389 13 21 21 CD www-sonatype-com-3567 389 14 % % NN www-sonatype-com-3567 389 15 had have VBD www-sonatype-com-3567 389 16 experienced experience VBN www-sonatype-com-3567 389 17 an an DT www-sonatype-com-3567 389 18 open open JJ www-sonatype-com-3567 389 19 source source NN www-sonatype-com-3567 389 20 component component NN www-sonatype-com-3567 389 21 related related JJ www-sonatype-com-3567 389 22 breach breach NN www-sonatype-com-3567 389 23 in in IN www-sonatype-com-3567 389 24 the the DT www-sonatype-com-3567 389 25 past past JJ www-sonatype-com-3567 389 26 12 12 CD www-sonatype-com-3567 389 27 months month NNS www-sonatype-com-3567 389 28 ( ( -LRB- www-sonatype-com-3567 389 29 
FIGURE FIGURE NNP www-sonatype-com-3567 389 30 5E 5e NN www-sonatype-com-3567 389 31 ) ) -RRB- www-sonatype-com-3567 389 32 . . . www-sonatype-com-3567 390 1 ■ ■ NFP www-sonatype-com-3567 390 2 Open open JJ www-sonatype-com-3567 390 3 source source NN www-sonatype-com-3567 390 4 component component NN www-sonatype-com-3567 390 5 related related JJ www-sonatype-com-3567 390 6 breaches breach NNS www-sonatype-com-3567 390 7 continue continue VBP www-sonatype-com-3567 390 8 to to TO www-sonatype-com-3567 390 9 drop drop VB www-sonatype-com-3567 390 10 , , , www-sonatype-com-3567 390 11 but but CC www-sonatype-com-3567 390 12 still still RB www-sonatype-com-3567 390 13 occur occur VBP www-sonatype-com-3567 390 14 much much RB www-sonatype-com-3567 390 15 too too RB www-sonatype-com-3567 390 16 often often RB www-sonatype-com-3567 390 17 . . . www-sonatype-com-3567 391 1 SOURCE SOURCE NNP www-sonatype-com-3567 391 2 : : : www-sonatype-com-3567 391 3 2020 2020 CD www-sonatype-com-3567 391 4 DEVSECOPS DEVSECOPS NNP www-sonatype-com-3567 391 5 COMMUNITY COMMUNITY NNP www-sonatype-com-3567 391 6 SURVEY SURVEY NNP www-sonatype-com-3567 391 7 , , , www-sonatype-com-3567 391 8 SONATYPE SONATYPE NNP www-sonatype-com-3567 391 9 2019 2019 CD www-sonatype-com-3567 391 10 Survey survey NN www-sonatype-com-3567 391 11 24 24 CD www-sonatype-com-3567 391 12 % % NN www-sonatype-com-3567 391 13 2020 2020 CD www-sonatype-com-3567 391 14 Survey survey NN www-sonatype-com-3567 391 15 21 21 CD www-sonatype-com-3567 391 16 % % NN www-sonatype-com-3567 391 17 31 31 CD www-sonatype-com-3567 391 18 % % NN www-sonatype-com-3567 391 19 2018 2018 CD www-sonatype-com-3567 391 20 Survey survey NN www-sonatype-com-3567 391 21 20 20 CD www-sonatype-com-3567 391 22 % % NN www-sonatype-com-3567 391 23 2017 2017 CD www-sonatype-com-3567 391 24 Survey survey NN www-sonatype-com-3567 391 25 FIGURE FIGURE NNP www-sonatype-com-3567 391 26 5E 5e JJ www-sonatype-com-3567 391 27 Open open JJ 
www-sonatype-com-3567 391 28 source source NN www-sonatype-com-3567 391 29 component component NN www-sonatype-com-3567 391 30 related related JJ www-sonatype-com-3567 391 31 breaches breach NNS www-sonatype-com-3567 391 32 continue continue VBP www-sonatype-com-3567 391 33 to to TO www-sonatype-com-3567 391 34 drop drop VB www-sonatype-com-3567 391 35 , , , www-sonatype-com-3567 391 36 but but CC www-sonatype-com-3567 391 37 still still RB www-sonatype-com-3567 391 38 occur occur VBP www-sonatype-com-3567 391 39 much much RB www-sonatype-com-3567 391 40 too too RB www-sonatype-com-3567 391 41 often often RB www-sonatype-com-3567 391 42 . . . www-sonatype-com-3567 392 1 SOURCE SOURCE NNP www-sonatype-com-3567 392 2 : : : www-sonatype-com-3567 392 3 2020 2020 CD www-sonatype-com-3567 392 4 DevSecOps DevSecOps NNP www-sonatype-com-3567 392 5 Community Community NNP www-sonatype-com-3567 392 6 Survey Survey NNP www-sonatype-com-3567 392 7 , , , www-sonatype-com-3567 392 8 Sonatype Sonatype NNP www-sonatype-com-3567 392 9 342020 342020 CD www-sonatype-com-3567 392 10 STATE STATE NNP www-sonatype-com-3567 392 11 OF of IN www-sonatype-com-3567 392 12 THE the DT www-sonatype-com-3567 392 13 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 392 14 SUPPLY supply NN www-sonatype-com-3567 392 15 CHAIN chain NN www-sonatype-com-3567 392 16 REPORT report NN www-sonatype-com-3567 392 17 C c NN www-sonatype-com-3567 392 18 H h NN www-sonatype-com-3567 392 19 A a NN www-sonatype-com-3567 392 20 P p NN www-sonatype-com-3567 392 21 T t NN www-sonatype-com-3567 392 22 E e NN www-sonatype-com-3567 392 23 R r NN www-sonatype-com-3567 392 24 5 5 CD www-sonatype-com-3567 392 25 : : : www-sonatype-com-3567 392 26 T t NN www-sonatype-com-3567 392 27 H h NN www-sonatype-com-3567 392 28 E e NN www-sonatype-com-3567 392 29 T t NN www-sonatype-com-3567 392 30 R r NN www-sonatype-com-3567 392 31 U u NN www-sonatype-com-3567 392 32 S s NN www-sonatype-com-3567 392 33 T t NN www-sonatype-com-3567 392 
34 A a NN www-sonatype-com-3567 392 35 N n NN www-sonatype-com-3567 392 36 D d NN www-sonatype-com-3567 392 37 I i NN www-sonatype-com-3567 392 38 N n NN www-sonatype-com-3567 392 39 T t NN www-sonatype-com-3567 392 40 E e NN www-sonatype-com-3567 392 41 G g NN www-sonatype-com-3567 392 42 R r NN www-sonatype-com-3567 392 43 IT it NN www-sonatype-com-3567 392 44 Y y NN www-sonatype-com-3567 392 45 O o NN www-sonatype-com-3567 392 46 F f NN www-sonatype-com-3567 392 47 S s NN www-sonatype-com-3567 392 48 O o NN www-sonatype-com-3567 392 49 F f NN www-sonatype-com-3567 392 50 T T NNP www-sonatype-com-3567 392 51 W w NN www-sonatype-com-3567 392 52 A a NN www-sonatype-com-3567 392 53 R r NN www-sonatype-com-3567 392 54 E e NN www-sonatype-com-3567 392 55 S s NN www-sonatype-com-3567 392 56 U u NN www-sonatype-com-3567 392 57 P p NN www-sonatype-com-3567 392 58 P p NN www-sonatype-com-3567 392 59 LY ly NN www-sonatype-com-3567 392 60 C c NN www-sonatype-com-3567 392 61 H h NN www-sonatype-com-3567 392 62 A a NN www-sonatype-com-3567 392 63 IN IN NNP www-sonatype-com-3567 392 64 S S NNP www-sonatype-com-3567 392 65 CHAPTER chapter NN www-sonatype-com-3567 392 66 6 6 CD www-sonatype-com-3567 392 67 The the DT www-sonatype-com-3567 392 68 Changing change VBG www-sonatype-com-3567 392 69 OSS oss NN www-sonatype-com-3567 392 70 Landscape Landscape NNP www-sonatype-com-3567 392 71 : : : www-sonatype-com-3567 392 72 Social Social NNP www-sonatype-com-3567 392 73 Activism Activism NNP www-sonatype-com-3567 392 74 and and CC www-sonatype-com-3567 392 75 Government Government NNP www-sonatype-com-3567 392 76 Standards Standards NNPS www-sonatype-com-3567 392 77 “ " `` www-sonatype-com-3567 392 78 I -PRON- PRP www-sonatype-com-3567 392 79 have have VBP www-sonatype-com-3567 392 80 a a DT www-sonatype-com-3567 392 81 moral moral JJ www-sonatype-com-3567 392 82 and and CC www-sonatype-com-3567 392 83 ethical ethical JJ www-sonatype-com-3567 392 84 obligation obligation NN 
www-sonatype-com-3567 392 85 to to TO www-sonatype-com-3567 392 86 prevent prevent VB www-sonatype-com-3567 392 87 my -PRON- PRP$ www-sonatype-com-3567 392 88 source source NN www-sonatype-com-3567 392 89 [ [ -LRB- www-sonatype-com-3567 392 90 code code NN www-sonatype-com-3567 392 91 ] ] -RRB- www-sonatype-com-3567 392 92 from from IN www-sonatype-com-3567 392 93 being be VBG www-sonatype-com-3567 392 94 used use VBN www-sonatype-com-3567 392 95 for for IN www-sonatype-com-3567 392 96 evil evil NN www-sonatype-com-3567 392 97 . . . www-sonatype-com-3567 392 98 ” " '' www-sonatype-com-3567 392 99 — — : www-sonatype-com-3567 392 100 SETH SETH NNP www-sonatype-com-3567 392 101 VARGO VARGO NNP www-sonatype-com-3567 392 102 362020 362020 CD www-sonatype-com-3567 392 103 STATE STATE NNP www-sonatype-com-3567 392 104 OF of IN www-sonatype-com-3567 392 105 THE the DT www-sonatype-com-3567 392 106 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 392 107 SUPPLY supply NN www-sonatype-com-3567 392 108 CHAIN chain NN www-sonatype-com-3567 392 109 REPORT report NN www-sonatype-com-3567 392 110 C c NN www-sonatype-com-3567 392 111 H h NN www-sonatype-com-3567 392 112 A a NN www-sonatype-com-3567 392 113 P p NN www-sonatype-com-3567 392 114 T t NN www-sonatype-com-3567 392 115 E e NN www-sonatype-com-3567 392 116 R r NN www-sonatype-com-3567 392 117 6 6 CD www-sonatype-com-3567 392 118 : : : www-sonatype-com-3567 392 119 T t NN www-sonatype-com-3567 392 120 H h NN www-sonatype-com-3567 392 121 E e NN www-sonatype-com-3567 392 122 C c NN www-sonatype-com-3567 392 123 H h NN www-sonatype-com-3567 392 124 A a NN www-sonatype-com-3567 392 125 N n NN www-sonatype-com-3567 392 126 G g NN www-sonatype-com-3567 392 127 IN in IN www-sonatype-com-3567 392 128 G g NN www-sonatype-com-3567 392 129 O o NN www-sonatype-com-3567 392 130 S s NN www-sonatype-com-3567 392 131 S s NN www-sonatype-com-3567 392 132 L l NN www-sonatype-com-3567 392 133 A A NNP www-sonatype-com-3567 392 134 N N NNP 
www-sonatype-com-3567 392 135 D d NN www-sonatype-com-3567 392 136 S s NN www-sonatype-com-3567 392 137 C c NN www-sonatype-com-3567 392 138 A a NN www-sonatype-com-3567 392 139 P p NN www-sonatype-com-3567 392 140 E e NN www-sonatype-com-3567 392 141 : : : www-sonatype-com-3567 392 142 S s NN www-sonatype-com-3567 392 143 O o NN www-sonatype-com-3567 392 144 C c NN www-sonatype-com-3567 392 145 IA ia NN www-sonatype-com-3567 392 146 L l NN www-sonatype-com-3567 392 147 A A NNP www-sonatype-com-3567 392 148 C c NN www-sonatype-com-3567 392 149 T t NN www-sonatype-com-3567 392 150 IV iv NN www-sonatype-com-3567 392 151 IS be VBZ www-sonatype-com-3567 392 152 M M NNP www-sonatype-com-3567 392 153 A A NNP www-sonatype-com-3567 392 154 N n NN www-sonatype-com-3567 392 155 D d NN www-sonatype-com-3567 392 156 G g NN www-sonatype-com-3567 392 157 O o NN www-sonatype-com-3567 392 158 V v NN www-sonatype-com-3567 392 159 E e NN www-sonatype-com-3567 392 160 R r NN www-sonatype-com-3567 392 161 N n NN www-sonatype-com-3567 392 162 M m NN www-sonatype-com-3567 392 163 E e NN www-sonatype-com-3567 392 164 N n NN www-sonatype-com-3567 392 165 T t NN www-sonatype-com-3567 392 166 S s NN www-sonatype-com-3567 392 167 T t NN www-sonatype-com-3567 392 168 A a NN www-sonatype-com-3567 392 169 N n NN www-sonatype-com-3567 392 170 D d NN www-sonatype-com-3567 392 171 A a NN www-sonatype-com-3567 392 172 R r NN www-sonatype-com-3567 392 173 D d NN www-sonatype-com-3567 392 174 S S NNP www-sonatype-com-3567 392 175 Social Social NNP www-sonatype-com-3567 392 176 Activism Activism NNP www-sonatype-com-3567 392 177 and and CC www-sonatype-com-3567 392 178 Open Open NNP www-sonatype-com-3567 392 179 Source source NN www-sonatype-com-3567 392 180 Software software NN www-sonatype-com-3567 392 181 Social social JJ www-sonatype-com-3567 392 182 activism activism NN www-sonatype-com-3567 392 183 has have VBZ www-sonatype-com-3567 392 184 been be VBN www-sonatype-com-3567 392 185 high high JJ 
www-sonatype-com-3567 392 186 on on IN www-sonatype-com-3567 392 187 the the DT www-sonatype-com-3567 392 188 agenda agenda NN www-sonatype-com-3567 392 189 of of IN www-sonatype-com-3567 392 190 many many JJ www-sonatype-com-3567 392 191 in in IN www-sonatype-com-3567 392 192 the the DT www-sonatype-com-3567 392 193 tech tech NN www-sonatype-com-3567 392 194 community community NN www-sonatype-com-3567 392 195 . . . www-sonatype-com-3567 393 1 Developers developer NNS www-sonatype-com-3567 393 2 at at IN www-sonatype-com-3567 393 3 Google Google NNP www-sonatype-com-3567 393 4 , , , www-sonatype-com-3567 393 5 WeWork WeWork NNP www-sonatype-com-3567 393 6 , , , www-sonatype-com-3567 393 7 Kickstarter Kickstarter NNP www-sonatype-com-3567 393 8 , , , www-sonatype-com-3567 393 9 Amazon Amazon NNP www-sonatype-com-3567 393 10 , , , www-sonatype-com-3567 393 11 and and CC www-sonatype-com-3567 393 12 other other JJ www-sonatype-com-3567 393 13 companies company NNS www-sonatype-com-3567 393 14 across across IN www-sonatype-com-3567 393 15 the the DT www-sonatype-com-3567 393 16 tech tech NN www-sonatype-com-3567 393 17 industry industry NN www-sonatype-com-3567 393 18 have have VBP www-sonatype-com-3567 393 19 been be VBN www-sonatype-com-3567 393 20 more more RBR www-sonatype-com-3567 393 21 active active JJ www-sonatype-com-3567 393 22 at at IN www-sonatype-com-3567 393 23 protesting protest VBG www-sonatype-com-3567 393 24 employer employer NN www-sonatype-com-3567 393 25 decisions decision NNS www-sonatype-com-3567 393 26 , , , www-sonatype-com-3567 393 27 petitioning petition VBG www-sonatype-com-3567 393 28 them -PRON- PRP www-sonatype-com-3567 393 29 to to TO www-sonatype-com-3567 393 30 abstain abstain VB www-sonatype-com-3567 393 31 from from IN www-sonatype-com-3567 393 32 doing do VBG www-sonatype-com-3567 393 33 business business NN www-sonatype-com-3567 393 34 with with IN www-sonatype-com-3567 393 35 government government NN www-sonatype-com-3567 393 36 
agencies agency NNS www-sonatype-com-3567 393 37 , , , www-sonatype-com-3567 393 38 and and CC www-sonatype-com-3567 393 39 denouncing denounce VBG www-sonatype-com-3567 393 40 unfair unfair JJ www-sonatype-com-3567 393 41 treatment treatment NN www-sonatype-com-3567 393 42 of of IN www-sonatype-com-3567 393 43 employees employee NNS www-sonatype-com-3567 393 44 . . . www-sonatype-com-3567 394 1 The the DT www-sonatype-com-3567 394 2 open open JJ www-sonatype-com-3567 394 3 source source NN www-sonatype-com-3567 394 4 community community NN www-sonatype-com-3567 394 5 has have VBZ www-sonatype-com-3567 394 6 not not RB www-sonatype-com-3567 394 7 been be VBN www-sonatype-com-3567 394 8 immune immune JJ www-sonatype-com-3567 394 9 from from IN www-sonatype-com-3567 394 10 protests protest NNS www-sonatype-com-3567 394 11 . . . www-sonatype-com-3567 395 1 In in IN www-sonatype-com-3567 395 2 2017 2017 CD www-sonatype-com-3567 395 3 , , , www-sonatype-com-3567 395 4 a a DT www-sonatype-com-3567 395 5 developer developer NN www-sonatype-com-3567 395 6 harassed harass VBN www-sonatype-com-3567 395 7 by by IN www-sonatype-com-3567 395 8 corporate corporate JJ www-sonatype-com-3567 395 9 lawyers lawyer NNS www-sonatype-com-3567 395 10 pulled pull VBD www-sonatype-com-3567 395 11 his -PRON- PRP$ www-sonatype-com-3567 395 12 left left JJ www-sonatype-com-3567 395 13 - - HYPH www-sonatype-com-3567 395 14 pad pad NN www-sonatype-com-3567 395 15 code code NN www-sonatype-com-3567 395 16 from from IN www-sonatype-com-3567 395 17 the the DT www-sonatype-com-3567 395 18 npm npm NNP www-sonatype-com-3567 395 19 repository repository NN www-sonatype-com-3567 395 20 temporarily temporarily RB www-sonatype-com-3567 395 21 “ " `` www-sonatype-com-3567 395 22 breaking break VBG www-sonatype-com-3567 395 23 the the DT www-sonatype-com-3567 395 24 internet internet NN www-sonatype-com-3567 395 25 ” " '' www-sonatype-com-3567 395 26 as as IN www-sonatype-com-3567 395 27 numerous numerous 
JJ www-sonatype-com-3567 395 28 automated automate VBN www-sonatype-com-3567 395 29 build build NN www-sonatype-com-3567 395 30 environ- environ- NN www-sonatype-com-3567 395 31 ments ment NNS www-sonatype-com-3567 395 32 relying rely VBG www-sonatype-com-3567 395 33 on on IN www-sonatype-com-3567 395 34 the the DT www-sonatype-com-3567 395 35 code code NN www-sonatype-com-3567 395 36 failed fail VBD www-sonatype-com-3567 395 37 . . . www-sonatype-com-3567 396 1 In in IN www-sonatype-com-3567 396 2 September September NNP www-sonatype-com-3567 396 3 2019 2019 CD www-sonatype-com-3567 396 4 , , , www-sonatype-com-3567 396 5 in in IN www-sonatype-com-3567 396 6 an an DT www-sonatype-com-3567 396 7 effort effort NN www-sonatype-com-3567 396 8 to to TO www-sonatype-com-3567 396 9 protest protest VB www-sonatype-com-3567 396 10 his -PRON- PRP$ www-sonatype-com-3567 396 11 former former JJ www-sonatype-com-3567 396 12 employer employer NN www-sonatype-com-3567 396 13 ’s ’s POS www-sonatype-com-3567 396 14 commercial commercial JJ www-sonatype-com-3567 396 15 relationship relationship NN www-sonatype-com-3567 396 16 with with IN www-sonatype-com-3567 396 17 the the DT www-sonatype-com-3567 396 18 U.S. U.S. 
NNP www-sonatype-com-3567 396 19 Immigration Immigration NNP www-sonatype-com-3567 396 20 and and CC www-sonatype-com-3567 396 21 Customs Customs NNP www-sonatype-com-3567 396 22 Enforcement Enforcement NNP www-sonatype-com-3567 396 23 ( ( -LRB- www-sonatype-com-3567 396 24 ICE ICE NNP www-sonatype-com-3567 396 25 ) ) -RRB- www-sonatype-com-3567 396 26 , , , www-sonatype-com-3567 396 27 Seth Seth NNP www-sonatype-com-3567 396 28 Vargo Vargo NNP www-sonatype-com-3567 396 29 removed remove VBD www-sonatype-com-3567 396 30 his -PRON- PRP$ www-sonatype-com-3567 396 31 “ " `` www-sonatype-com-3567 396 32 Sugar Sugar NNP www-sonatype-com-3567 396 33 ” " '' www-sonatype-com-3567 396 34 code code NN www-sonatype-com-3567 396 35 from from IN www-sonatype-com-3567 396 36 GitHub GitHub NNP www-sonatype-com-3567 396 37 and and CC www-sonatype-com-3567 396 38 the the DT www-sonatype-com-3567 396 39 RubyGems RubyGems NNP www-sonatype-com-3567 396 40 repository repository NN www-sonatype-com-3567 396 41 . . . www-sonatype-com-3567 397 1 The the DT www-sonatype-com-3567 397 2 missing miss VBG www-sonatype-com-3567 397 3 code code NN www-sonatype-com-3567 397 4 was be VBD www-sonatype-com-3567 397 5 eventually eventually RB www-sonatype-com-3567 397 6 replaced replace VBN www-sonatype-com-3567 397 7 , , , www-sonatype-com-3567 397 8 but but CC www-sonatype-com-3567 397 9 not not RB www-sonatype-com-3567 397 10 before before IN www-sonatype-com-3567 397 11 a a DT www-sonatype-com-3567 397 12 significant significant JJ www-sonatype-com-3567 397 13 portion portion NN www-sonatype-com-3567 397 14 of of IN www-sonatype-com-3567 397 15 Chef Chef NNP www-sonatype-com-3567 397 16 ’s ’s NNP www-sonatype-com-3567 397 17 customers customer NNS www-sonatype-com-3567 397 18 were be VBD www-sonatype-com-3567 397 19 impacted impact VBN www-sonatype-com-3567 397 20 without without IN www-sonatype-com-3567 397 21 warning warning NN www-sonatype-com-3567 397 22 . . . 
www-sonatype-com-3567 398 1 Addressing address VBG www-sonatype-com-3567 398 2 the the DT www-sonatype-com-3567 398 3 community community NN www-sonatype-com-3567 398 4 as as IN www-sonatype-com-3567 398 5 to to IN www-sonatype-com-3567 398 6 why why WRB www-sonatype-com-3567 398 7 he -PRON- PRP www-sonatype-com-3567 398 8 pulled pull VBD www-sonatype-com-3567 398 9 his -PRON- PRP$ www-sonatype-com-3567 398 10 code code NN www-sonatype-com-3567 398 11 , , , www-sonatype-com-3567 398 12 Vargo Vargo NNP www-sonatype-com-3567 398 13 wrote write VBD www-sonatype-com-3567 398 14 “ " `` www-sonatype-com-3567 398 15 I -PRON- PRP www-sonatype-com-3567 398 16 have have VBP www-sonatype-com-3567 398 17 a a DT www-sonatype-com-3567 398 18 moral moral JJ www-sonatype-com-3567 398 19 and and CC www-sonatype-com-3567 398 20 ethical ethical JJ www-sonatype-com-3567 398 21 obligation obligation NN www-sonatype-com-3567 398 22 to to TO www-sonatype-com-3567 398 23 prevent prevent VB www-sonatype-com-3567 398 24 my -PRON- PRP$ www-sonatype-com-3567 398 25 source source NN www-sonatype-com-3567 398 26 [ [ -LRB- www-sonatype-com-3567 398 27 code code NN www-sonatype-com-3567 398 28 ] ] -RRB- www-sonatype-com-3567 398 29 from from IN www-sonatype-com-3567 398 30 being be VBG www-sonatype-com-3567 398 31 used use VBN www-sonatype-com-3567 398 32 for for IN www-sonatype-com-3567 398 33 evil evil NN www-sonatype-com-3567 398 34 . . . 
www-sonatype-com-3567 398 35 ”37 ”37 NNP www-sonatype-com-3567 398 36 January January NNP www-sonatype-com-3567 398 37 2020 2020 CD www-sonatype-com-3567 398 38 surfaced surface VBD www-sonatype-com-3567 398 39 another another DT www-sonatype-com-3567 398 40 protest protest NN www-sonatype-com-3567 398 41 o o NN www-sonatype-com-3567 398 42 f f NN www-sonatype-com-3567 398 43 sorts sort VBZ www-sonatype-com-3567 398 44 when when WRB www-sonatype-com-3567 398 45 Nikolay Nikolay NNP www-sonatype-com-3567 398 46 Kim Kim NNP www-sonatype-com-3567 398 47 deleted delete VBD www-sonatype-com-3567 398 48 his -PRON- PRP$ www-sonatype-com-3567 398 49 actix actix NN www-sonatype-com-3567 398 50 - - HYPH www-sonatype-com-3567 398 51 net net NN www-sonatype-com-3567 398 52 and and CC www-sonatype-com-3567 398 53 actix actix NN www-sonatype-com-3567 398 54 - - HYPH www-sonatype-com-3567 398 55 web web NN www-sonatype-com-3567 398 56 open open JJ www-sonatype-com-3567 398 57 source source NN www-sonatype-com-3567 398 58 project project NN www-sonatype-com-3567 398 59 from from IN www-sonatype-com-3567 398 60 their -PRON- PRP$ www-sonatype-com-3567 398 61 public public JJ www-sonatype-com-3567 398 62 repos repos NN www-sonatype-com-3567 398 63 after after IN www-sonatype-com-3567 398 64 being be VBG www-sonatype-com-3567 398 65 harassed harass VBN www-sonatype-com-3567 398 66 too too RB www-sonatype-com-3567 398 67 many many JJ www-sonatype-com-3567 398 68 times time NNS www-sonatype-com-3567 398 69 by by IN www-sonatype-com-3567 398 70 his -PRON- PRP$ www-sonatype-com-3567 398 71 user user NN www-sonatype-com-3567 398 72 community community NN www-sonatype-com-3567 398 73 . . . 
www-sonatype-com-3567 399 1 He -PRON- PRP www-sonatype-com-3567 399 2 declared declare VBD www-sonatype-com-3567 399 3 “ " `` www-sonatype-com-3567 399 4 Being be VBG www-sonatype-com-3567 399 5 a a DT www-sonatype-com-3567 399 6 maintainer maintainer NN www-sonatype-com-3567 399 7 of of IN www-sonatype-com-3567 399 8 a a DT www-sonatype-com-3567 399 9 large large JJ www-sonatype-com-3567 399 10 open open JJ www-sonatype-com-3567 399 11 source source NN www-sonatype-com-3567 399 12 project project NN www-sonatype-com-3567 399 13 is be VBZ www-sonatype-com-3567 399 14 not not RB www-sonatype-com-3567 399 15 a a DT www-sonatype-com-3567 399 16 fun fun JJ www-sonatype-com-3567 399 17 task task NN www-sonatype-com-3567 399 18 ... ... . www-sonatype-com-3567 400 1 I -PRON- PRP www-sonatype-com-3567 400 2 am be VBP www-sonatype-com-3567 400 3 done do VBN www-sonatype-com-3567 400 4 with with IN www-sonatype-com-3567 400 5 open open JJ www-sonatype-com-3567 400 6 source source NN www-sonatype-com-3567 400 7 ” " '' www-sonatype-com-3567 400 8 and and CC www-sonatype-com-3567 400 9 “ " `` www-sonatype-com-3567 400 10 I -PRON- PRP www-sonatype-com-3567 400 11 moved move VBD www-sonatype-com-3567 400 12 actix actix NN www-sonatype-com-3567 400 13 - - HYPH www-sonatype-com-3567 400 14 net net NN www-sonatype-com-3567 400 15 and and CC www-sonatype-com-3567 400 16 actix actix NN www-sonatype-com-3567 400 17 - - HYPH www-sonatype-com-3567 400 18 web web NN www-sonatype-com-3567 400 19 project project NN www-sonatype-com-3567 400 20 to to IN www-sonatype-com-3567 400 21 my -PRON- PRP$ www-sonatype-com-3567 400 22 personal personal JJ www-sonatype-com-3567 400 23 github github NNS www-sonatype-com-3567 400 24 account account NN www-sonatype-com-3567 400 25 . . . 
www-sonatype-com-3567 400 26 ” " '' www-sonatype-com-3567 400 27 His -PRON- PRP$ www-sonatype-com-3567 400 28 action action NN www-sonatype-com-3567 400 29 immediately immediately RB www-sonatype-com-3567 400 30 impacted impact VBD www-sonatype-com-3567 400 31 automated automate VBN www-sonatype-com-3567 400 32 builds build NNS www-sonatype-com-3567 400 33 relying rely VBG www-sonatype-com-3567 400 34 on on IN www-sonatype-com-3567 400 35 the the DT www-sonatype-com-3567 400 36 code code NN www-sonatype-com-3567 400 37 causing cause VBG www-sonatype-com-3567 400 38 many many JJ www-sonatype-com-3567 400 39 in in IN www-sonatype-com-3567 400 40 the the DT www-sonatype-com-3567 400 41 community community NN www-sonatype-com-3567 400 42 to to TO www-sonatype-com-3567 400 43 panic panic VB www-sonatype-com-3567 400 44 . . . www-sonatype-com-3567 401 1 Kim Kim NNP www-sonatype-com-3567 401 2 ’s ’s POS www-sonatype-com-3567 401 3 code code NN www-sonatype-com-3567 401 4 was be VBD www-sonatype-com-3567 401 5 eventually eventually RB www-sonatype-com-3567 401 6 restored restore VBN www-sonatype-com-3567 401 7 to to IN www-sonatype-com-3567 401 8 public public JJ www-sonatype-com-3567 401 9 repos repos NN www-sonatype-com-3567 401 10 after after IN www-sonatype-com-3567 401 11 he -PRON- PRP www-sonatype-com-3567 401 12 transferred transfer VBD www-sonatype-com-3567 401 13 ownership ownership NN www-sonatype-com-3567 401 14 to to IN www-sonatype-com-3567 401 15 another another DT www-sonatype-com-3567 401 16 developer developer NN www-sonatype-com-3567 401 17 in in IN www-sonatype-com-3567 401 18 the the DT www-sonatype-com-3567 401 19 community.38 community.38 NNP www-sonatype-com-3567 401 20 As as IN www-sonatype-com-3567 401 21 discussed discuss VBN www-sonatype-com-3567 401 22 in in IN www-sonatype-com-3567 401 23 Chapter chapter NN www-sonatype-com-3567 401 24 4 4 CD www-sonatype-com-3567 401 25 , , , www-sonatype-com-3567 401 26 successful successful JJ 
www-sonatype-com-3567 401 27 productivity productivity NN www-sonatype-com-3567 401 28 outcomes outcome NNS www-sonatype-com-3567 401 29 for for IN www-sonatype-com-3567 401 30 High High NNP www-sonatype-com-3567 401 31 Performers Performers NNPS www-sonatype-com-3567 401 32 were be VBD www-sonatype-com-3567 401 33 tied tie VBN www-sonatype-com-3567 401 34 , , , www-sonatype-com-3567 401 35 in in IN www-sonatype-com-3567 401 36 part part NN www-sonatype-com-3567 401 37 , , , www-sonatype-com-3567 401 38 to to IN www-sonatype-com-3567 401 39 keeping keep VBG www-sonatype-com-3567 401 40 a a DT www-sonatype-com-3567 401 41 centralized centralized JJ www-sonatype-com-3567 401 42 record record NN www-sonatype-com-3567 401 43 of of IN www-sonatype-com-3567 401 44 applications application NNS www-sonatype-com-3567 401 45 , , , www-sonatype-com-3567 401 46 their -PRON- PRP$ www-sonatype-com-3567 401 47 dependencies dependency NNS www-sonatype-com-3567 401 48 , , , www-sonatype-com-3567 401 49 and and CC www-sonatype-com-3567 401 50 the the DT www-sonatype-com-3567 401 51 associated associated JJ www-sonatype-com-3567 401 52 development development NN www-sonatype-com-3567 401 53 teams team NNS www-sonatype-com-3567 401 54 . . . 
www-sonatype-com-3567 402 1 Given give VBN www-sonatype-com-3567 402 2 its -PRON- PRP$ www-sonatype-com-3567 402 3 association association NN www-sonatype-com-3567 402 4 with with IN www-sonatype-com-3567 402 5 good good JJ www-sonatype-com-3567 402 6 outcomes outcome NNS www-sonatype-com-3567 402 7 , , , www-sonatype-com-3567 402 8 we -PRON- PRP www-sonatype-com-3567 402 9 recommend recommend VBP www-sonatype-com-3567 402 10 the the DT www-sonatype-com-3567 402 11 use use NN www-sonatype-com-3567 402 12 of of IN www-sonatype-com-3567 402 13 repository repository JJ www-sonatype-com-3567 402 14 managers manager NNS www-sonatype-com-3567 402 15 to to IN www-sonatype-com-3567 402 16 proxy proxy JJ www-sonatype-com-3567 402 17 public public JJ www-sonatype-com-3567 402 18 OSS OSS NNP www-sonatype-com-3567 402 19 repositories repository NNS www-sonatype-com-3567 402 20 and and CC www-sonatype-com-3567 402 21 host host NN www-sonatype-com-3567 402 22 OSS OSS NNP www-sonatype-com-3567 402 23 components component NNS www-sonatype-com-3567 402 24 locally locally RB www-sonatype-com-3567 402 25 . . . 
www-sonatype-com-3567 403 1 Locally locally RB www-sonatype-com-3567 403 2 hosting host VBG www-sonatype-com-3567 403 3 any any DT www-sonatype-com-3567 403 4 compo- compo- NN www-sonatype-com-3567 403 5 nents nent NNS www-sonatype-com-3567 403 6 needed need VBN www-sonatype-com-3567 403 7 by by IN www-sonatype-com-3567 403 8 developers developer NNS www-sonatype-com-3567 403 9 will will MD www-sonatype-com-3567 403 10 help help VB www-sonatype-com-3567 403 11 improve improve VB www-sonatype-com-3567 403 12 business business NN www-sonatype-com-3567 403 13 continuity continuity NN www-sonatype-com-3567 403 14 during during IN www-sonatype-com-3567 403 15 future future JJ www-sonatype-com-3567 403 16 protests protest NNS www-sonatype-com-3567 403 17 or or CC www-sonatype-com-3567 403 18 actions action NNS www-sonatype-com-3567 403 19 by by IN www-sonatype-com-3567 403 20 activists activist NNS www-sonatype-com-3567 403 21 . . . www-sonatype-com-3567 404 1 Governments government NNS www-sonatype-com-3567 404 2 Apply apply VBP www-sonatype-com-3567 404 3 New New NNP www-sonatype-com-3567 404 4 Standards Standards NNPS www-sonatype-com-3567 404 5 to to TO www-sonatype-com-3567 404 6 Secure Secure NNP www-sonatype-com-3567 404 7 Software Software NNP www-sonatype-com-3567 404 8 Supply Supply NNP www-sonatype-com-3567 404 9 Chains Chains NNPS www-sonatype-com-3567 404 10 Secure secure JJ www-sonatype-com-3567 404 11 software software NN www-sonatype-com-3567 404 12 practices practice NNS www-sonatype-com-3567 404 13 extend extend VBP www-sonatype-com-3567 404 14 from from IN www-sonatype-com-3567 404 15 early early JJ www-sonatype-com-3567 404 16 devel- devel- NNP www-sonatype-com-3567 404 17 opment opment NN www-sonatype-com-3567 404 18 through through IN www-sonatype-com-3567 404 19 the the DT www-sonatype-com-3567 404 20 active active JJ www-sonatype-com-3567 404 21 life life NN www-sonatype-com-3567 404 22 of of IN www-sonatype-com-3567 404 23 an an DT 
www-sonatype-com-3567 404 24 application application NN www-sonatype-com-3567 404 25 in in IN www-sonatype-com-3567 404 26 the the DT www-sonatype-com-3567 404 27 market market NN www-sonatype-com-3567 404 28 . . . www-sonatype-com-3567 405 1 With with IN www-sonatype-com-3567 405 2 an an DT www-sonatype-com-3567 405 3 ever ever RB www-sonatype-com-3567 405 4 increasing increase VBG www-sonatype-com-3567 405 5 number number NN www-sonatype-com-3567 405 6 of of IN www-sonatype-com-3567 405 7 application application NN www-sonatype-com-3567 405 8 breaches breach NNS www-sonatype-com-3567 405 9 occurring occur VBG www-sonatype-com-3567 405 10 , , , www-sonatype-com-3567 405 11 standards standard NNS www-sonatype-com-3567 405 12 bodies body NNS www-sonatype-com-3567 405 13 and and CC www-sonatype-com-3567 405 14 governments government NNS www-sonatype-com-3567 405 15 are be VBP www-sonatype-com-3567 405 16 stepping step VBG www-sonatype-com-3567 405 17 in in RP www-sonatype-com-3567 405 18 to to TO www-sonatype-com-3567 405 19 hold hold VB www-sonatype-com-3567 405 20 develop- develop- JJ www-sonatype-com-3567 405 21 ment ment JJ www-sonatype-com-3567 405 22 organizations organization NNS www-sonatype-com-3567 405 23 accountable accountable JJ www-sonatype-com-3567 405 24 for for IN www-sonatype-com-3567 405 25 the the DT www-sonatype-com-3567 405 26 quality quality NN www-sonatype-com-3567 405 27 and and CC www-sonatype-com-3567 405 28 security security NN www-sonatype-com-3567 405 29 of of IN www-sonatype-com-3567 405 30 the the DT www-sonatype-com-3567 405 31 code code NN www-sonatype-com-3567 405 32 they -PRON- PRP www-sonatype-com-3567 405 33 assemble assemble VBP www-sonatype-com-3567 405 34 and and CC www-sonatype-com-3567 405 35 build build VBP www-sonatype-com-3567 405 36 . . . 
www-sonatype-com-3567 406 1 United United NNP www-sonatype-com-3567 406 2 States States NNP www-sonatype-com-3567 406 3 OPEN OPEN NNP www-sonatype-com-3567 406 4 CHAIN CHAIN NNP www-sonatype-com-3567 406 5 PROJECT project NN www-sonatype-com-3567 406 6 — — : www-sonatype-com-3567 406 7 LINUX LINUX NNP www-sonatype-com-3567 406 8 FOUNDATION FOUNDATION NNP www-sonatype-com-3567 406 9 In in IN www-sonatype-com-3567 406 10 April April NNP www-sonatype-com-3567 406 11 2019 2019 CD www-sonatype-com-3567 406 12 , , , www-sonatype-com-3567 406 13 the the DT www-sonatype-com-3567 406 14 Open Open NNP www-sonatype-com-3567 406 15 Chain Chain NNP www-sonatype-com-3567 406 16 Specification Specification NNP www-sonatype-com-3567 406 17 , , , www-sonatype-com-3567 406 18 version version NN www-sonatype-com-3567 406 19 2.0 2.0 CD www-sonatype-com-3567 406 20 , , , www-sonatype-com-3567 406 21 was be VBD www-sonatype-com-3567 406 22 published publish VBN www-sonatype-com-3567 406 23 to to TO www-sonatype-com-3567 406 24 define define VB www-sonatype-com-3567 406 25 the the DT www-sonatype-com-3567 406 26 key key JJ www-sonatype-com-3567 406 27 requirements requirement NNS www-sonatype-com-3567 406 28 of of IN www-sonatype-com-3567 406 29 a a DT www-sonatype-com-3567 406 30 quality quality NN www-sonatype-com-3567 406 31 open open JJ www-sonatype-com-3567 406 32 source source NN www-sonatype-com-3567 406 33 license license NN www-sonatype-com-3567 406 34 compliance compliance NN www-sonatype-com-3567 406 35 pro- pro- NN www-sonatype-com-3567 406 36 gram gram NN www-sonatype-com-3567 406 37 . . . 
www-sonatype-com-3567 407 1 The the DT www-sonatype-com-3567 407 2 objective objective NN www-sonatype-com-3567 407 3 was be VBD www-sonatype-com-3567 407 4 to to TO www-sonatype-com-3567 407 5 provide provide VB www-sonatype-com-3567 407 6 a a DT www-sonatype-com-3567 407 7 benchmark benchmark NN www-sonatype-com-3567 407 8 that that WDT www-sonatype-com-3567 407 9 builds build VBZ www-sonatype-com-3567 407 10 trust trust NN www-sonatype-com-3567 407 11 between between IN www-sonatype-com-3567 407 12 organizations organization NNS www-sonatype-com-3567 407 13 exchanging exchange VBG www-sonatype-com-3567 407 14 software software NN www-sonatype-com-3567 407 15 solutions solution NNS www-sonatype-com-3567 407 16 composed compose VBN www-sonatype-com-3567 407 17 of of IN www-sonatype-com-3567 407 18 open open JJ www-sonatype-com-3567 407 19 source source NN www-sonatype-com-3567 407 20 software software NN www-sonatype-com-3567 407 21 . . . 
www-sonatype-com-3567 409 74 Section section NN www-sonatype-com-3567 409 75 3.1 3.1 CD www-sonatype-com-3567 409 76 of of IN www-sonatype-com-3567 409 77 the the DT www-sonatype-com-3567 409 78 specification specification NN www-sonatype-com-3567 409 79 called call VBD www-sonatype-com-3567 409 80 for for IN www-sonatype-com-3567 409 81 creating create VBG www-sonatype-com-3567 409 82 a a DT www-sonatype-com-3567 409 83 Software Software NNP www-sonatype-com-3567 409 84 Bill Bill NNP www-sonatype-com-3567 409 85 of of IN www-sonatype-com-3567 409 86 Materials Materials NNP www-sonatype-com-3567 409 87 ( ( -LRB- www-sonatype-com-3567 409 88 SBOM SBOM NNP www-sonatype-com-3567 409 89 ) ) -RRB- www-sonatype-com-3567 409 90 . . . 
www-sonatype-com-3567 410 1 The the DT www-sonatype-com-3567 410 2 SBOM sbom NN www-sonatype-com-3567 410 3 would would MD www-sonatype-com-3567 410 4 be be VB www-sonatype-com-3567 410 5 used use VBN www-sonatype-com-3567 410 6 to to TO www-sonatype-com-3567 410 7 identify identify VB www-sonatype-com-3567 410 8 , , , www-sonatype-com-3567 410 9 track track VB www-sonatype-com-3567 410 10 , , , www-sonatype-com-3567 410 11 review review NN www-sonatype-com-3567 410 12 , , , www-sonatype-com-3567 410 13 approve approve VB www-sonatype-com-3567 410 14 , , , www-sonatype-com-3567 410 15 and and CC www-sonatype-com-3567 410 16 archive archive JJ www-sonatype-com-3567 410 17 information information NN www-sonatype-com-3567 410 18 about about IN www-sonatype-com-3567 410 19 the the DT www-sonatype-com-3567 410 20 open open JJ www-sonatype-com-3567 410 21 source source NN www-sonatype-com-3567 410 22 software software NN www-sonatype-com-3567 410 23 components component NNS www-sonatype-com-3567 410 24 used use VBN www-sonatype-com-3567 410 25 in in IN www-sonatype-com-3567 410 26 a a DT www-sonatype-com-3567 410 27 software software NN www-sonatype-com-3567 410 28 application application NN www-sonatype-com-3567 410 29 , , , www-sonatype-com-3567 410 30 middleware middleware NN www-sonatype-com-3567 410 31 , , , www-sonatype-com-3567 410 32 firmware firmware JJ www-sonatype-com-3567 410 33 or or CC www-sonatype-com-3567 410 34 operating operating NN www-sonatype-com-3567 410 35 system system NN www-sonatype-com-3567 410 36 . . . 
www-sonatype-com-3567 411 1 The the DT www-sonatype-com-3567 411 2 specification specification NN www-sonatype-com-3567 411 3 maintains maintain VBZ www-sonatype-com-3567 411 4 that that IN www-sonatype-com-3567 411 5 an an DT www-sonatype-com-3567 411 6 SBOM sbom NN www-sonatype-com-3567 411 7 is be VBZ www-sonatype-com-3567 411 8 needed need VBN www-sonatype-com-3567 411 9 to to TO www-sonatype-com-3567 411 10 support support VB www-sonatype-com-3567 411 11 the the DT www-sonatype-com-3567 411 12 systematic systematic JJ www-sonatype-com-3567 411 13 review review NN www-sonatype-com-3567 411 14 and and CC www-sonatype-com-3567 411 15 approval approval NN www-sonatype-com-3567 411 16 of of IN www-sonatype-com-3567 411 17 each each DT www-sonatype-com-3567 411 18 component component NN www-sonatype-com-3567 411 19 ’s ’s POS www-sonatype-com-3567 411 20 license license NN www-sonatype-com-3567 411 21 terms term NNS www-sonatype-com-3567 411 22 to to TO www-sonatype-com-3567 411 23 understand understand VB www-sonatype-com-3567 411 24 the the DT www-sonatype-com-3567 411 25 obligations obligation NNS www-sonatype-com-3567 411 26 and and CC www-sonatype-com-3567 411 27 restrictions restriction NNS www-sonatype-com-3567 411 28 as as IN www-sonatype-com-3567 411 29 it -PRON- PRP www-sonatype-com-3567 411 30 applies apply VBZ www-sonatype-com-3567 411 31 to to IN www-sonatype-com-3567 411 32 the the DT www-sonatype-com-3567 411 33 distribution distribution NN www-sonatype-com-3567 411 34 of of IN www-sonatype-com-3567 411 35 software.39 software.39 NNP www-sonatype-com-3567 411 36 CYBERSECURITY CYBERSECURITY NNP www-sonatype-com-3567 411 37 & & CC www-sonatype-com-3567 411 38 INFRASTRUCTURE infrastructure NN www-sonatype-com-3567 411 39 SECURITY security NN www-sonatype-com-3567 411 40 AGENCY AGENCY VBN www-sonatype-com-3567 411 41 In in IN www-sonatype-com-3567 411 42 May May NNP www-sonatype-com-3567 411 43 2019 2019 CD www-sonatype-com-3567 411 44 , , , 
www-sonatype-com-3567 411 45 CISA CISA NNP www-sonatype-com-3567 411 46 ’s ’s POS www-sonatype-com-3567 411 47 Supply Supply NNP www-sonatype-com-3567 411 48 Chain Chain NNP www-sonatype-com-3567 411 49 Risk Risk NNP www-sonatype-com-3567 411 50 Management Management NNP www-sonatype-com-3567 411 51 ( ( -LRB- www-sonatype-com-3567 411 52 SCRM SCRM NNP www-sonatype-com-3567 411 53 ) ) -RRB- www-sonatype-com-3567 411 54 published publish VBD www-sonatype-com-3567 411 55 a a DT www-sonatype-com-3567 411 56 guide guide NN www-sonatype-com-3567 411 57 for for IN www-sonatype-com-3567 411 58 detailing detail VBG www-sonatype-com-3567 411 59 actionable actionable JJ www-sonatype-com-3567 411 60 steps step NNS www-sonatype-com-3567 411 61 on on IN www-sonatype-com-3567 411 62 how how WRB www-sonatype-com-3567 411 63 to to TO www-sonatype-com-3567 411 64 start start VB www-sonatype-com-3567 411 65 securing secure VBG www-sonatype-com-3567 411 66 software software NN www-sonatype-com-3567 411 67 supply supply NN www-sonatype-com-3567 411 68 chains chain NNS www-sonatype-com-3567 411 69 . . . 
www-sonatype-com-3567 412 1 Steps step NNS www-sonatype-com-3567 412 2 recommended recommend VBD www-sonatype-com-3567 412 3 building build VBG www-sonatype-com-3567 412 4 a a DT www-sonatype-com-3567 412 5 list list NN www-sonatype-com-3567 412 6 of of IN www-sonatype-com-3567 412 7 the the DT www-sonatype-com-3567 412 8 software software NN www-sonatype-com-3567 412 9 components component NNS www-sonatype-com-3567 412 10 organizations organization NNS www-sonatype-com-3567 412 11 procured procure VBD www-sonatype-com-3567 412 12 , , , www-sonatype-com-3567 412 13 mapping map VBG www-sonatype-com-3567 412 14 supply supply NN www-sonatype-com-3567 412 15 chains chain NNS www-sonatype-com-3567 412 16 to to TO www-sonatype-com-3567 412 17 better well RBR www-sonatype-com-3567 412 18 understand understand VB www-sonatype-com-3567 412 19 what what WP www-sonatype-com-3567 412 20 components component NNS www-sonatype-com-3567 412 21 were be VBD www-sonatype-com-3567 412 22 being be VBG www-sonatype-com-3567 412 23 procured procure VBN www-sonatype-com-3567 412 24 , , , www-sonatype-com-3567 412 25 determining determine VBG www-sonatype-com-3567 412 26 how how WRB www-sonatype-com-3567 412 27 organizations organization NNS www-sonatype-com-3567 412 28 would would MD www-sonatype-com-3567 412 29 assess assess VB www-sonatype-com-3567 412 30 the the DT www-sonatype-com-3567 412 31 security security NN www-sonatype-com-3567 412 32 culture culture NN www-sonatype-com-3567 412 33 of of IN www-sonatype-com-3567 412 34 suppliers supplier NNS www-sonatype-com-3567 412 35 , , , www-sonatype-com-3567 412 36 and and CC www-sonatype-com-3567 412 37 establishing establish VBG www-sonatype-com-3567 412 38 systems system NNS www-sonatype-com-3567 412 39 for for IN www-sonatype-com-3567 412 40 checking check VBG www-sonatype-com-3567 412 41 supply supply NN www-sonatype-com-3567 412 42 chain chain NN www-sonatype-com-3567 412 43 practices practice NNS www-sonatype-com-3567 412 44 
against against IN www-sonatype-com-3567 412 45 guidelines.40 guidelines.40 NNP www-sonatype-com-3567 412 46 U.S. U.S. NNP www-sonatype-com-3567 412 47 CONGRESS CONGRESS NNP www-sonatype-com-3567 412 48 In in IN www-sonatype-com-3567 412 49 July July NNP www-sonatype-com-3567 412 50 2019 2019 CD www-sonatype-com-3567 412 51 , , , www-sonatype-com-3567 412 52 Sen. Sen. NNP www-sonatype-com-3567 412 53 Mike Mike NNP www-sonatype-com-3567 412 54 Crapo Crapo NNP www-sonatype-com-3567 412 55 ( ( -LRB- www-sonatype-com-3567 412 56 R R NNP www-sonatype-com-3567 412 57 - - HYPH www-sonatype-com-3567 412 58 ID ID NNP www-sonatype-com-3567 412 59 ) ) -RRB- www-sonatype-com-3567 412 60 and and CC www-sonatype-com-3567 412 61 Sen. Sen. NNP www-sonatype-com-3567 412 62 Mark Mark NNP www-sonatype-com-3567 412 63 Warner Warner NNP www-sonatype-com-3567 412 64 ( ( -LRB- www-sonatype-com-3567 412 65 D D NNP www-sonatype-com-3567 412 66 - - HYPH www-sonatype-com-3567 412 67 VA VA NNP www-sonatype-com-3567 412 68 ) ) -RRB- www-sonatype-com-3567 412 69 introduced introduce VBD www-sonatype-com-3567 412 70 a a DT www-sonatype-com-3567 412 71 bill bill NN www-sonatype-com-3567 412 72 explaining explain VBG www-sonatype-com-3567 412 73 that that IN www-sonatype-com-3567 412 74 software software NN www-sonatype-com-3567 412 75 supply supply NN www-sonatype-com-3567 412 76 chains chain NNS www-sonatype-com-3567 412 77 have have VBP www-sonatype-com-3567 412 78 proven prove VBN www-sonatype-com-3567 412 79 to to TO www-sonatype-com-3567 412 80 be be VB www-sonatype-com-3567 412 81 major major JJ www-sonatype-com-3567 412 82 means mean NNS www-sonatype-com-3567 412 83 through through IN www-sonatype-com-3567 412 84 which which WDT www-sonatype-com-3567 412 85 adversaries adversary NNS www-sonatype-com-3567 412 86 seek seek VBP www-sonatype-com-3567 412 87 gain gain VBP www-sonatype-com-3567 412 88 access access NN www-sonatype-com-3567 412 89 to to IN www-sonatype-com-3567 412 90 weapons 
weapon NNS www-sonatype-com-3567 412 91 systems system NNS www-sonatype-com-3567 412 92 , , , www-sonatype-com-3567 412 93 IT it NN www-sonatype-com-3567 412 94 systems system NNS www-sonatype-com-3567 412 95 , , , www-sonatype-com-3567 412 96 and and CC www-sonatype-com-3567 412 97 communica- communica- JJ www-sonatype-com-3567 412 98 tions tion NNS www-sonatype-com-3567 412 99 technology technology NN www-sonatype-com-3567 412 100 platforms platform NNS www-sonatype-com-3567 412 101 . . . www-sonatype-com-3567 413 1 While while IN www-sonatype-com-3567 413 2 not not RB www-sonatype-com-3567 413 3 signed sign VBN www-sonatype-com-3567 413 4 into into IN www-sonatype-com-3567 413 5 law law NN www-sonatype-com-3567 413 6 , , , www-sonatype-com-3567 413 7 the the DT www-sonatype-com-3567 413 8 bill bill NN www-sonatype-com-3567 413 9 had have VBD www-sonatype-com-3567 413 10 called call VBN www-sonatype-com-3567 413 11 for for IN www-sonatype-com-3567 413 12 “ " `` www-sonatype-com-3567 413 13 stronger strong JJR www-sonatype-com-3567 413 14 effort effort NN www-sonatype-com-3567 413 15 should should MD www-sonatype-com-3567 413 16 be be VB www-sonatype-com-3567 413 17 placed place VBN www-sonatype-com-3567 413 18 on on IN www-sonatype-com-3567 413 19 securing secure VBG www-sonatype-com-3567 413 20 the the DT www-sonatype-com-3567 413 21 vast vast JJ www-sonatype-com-3567 413 22 supply supply NN www-sonatype-com-3567 413 23 chains chain NNS www-sonatype-com-3567 413 24 of of IN www-sonatype-com-3567 413 25 the the DT www-sonatype-com-3567 413 26 contractors contractor NNS www-sonatype-com-3567 413 27 responsible responsible JJ www-sonatype-com-3567 413 28 for for IN www-sonatype-com-3567 413 29 developing develop VBG www-sonatype-com-3567 413 30 and and CC www-sonatype-com-3567 413 31 producing produce VBG www-sonatype-com-3567 413 32 the the DT www-sonatype-com-3567 413 33 defense defense NN www-sonatype-com-3567 413 34 related relate VBN www-sonatype-com-3567 413 
35 capabilities capability NNS www-sonatype-com-3567 413 36 of of IN www-sonatype-com-3567 413 37 the the DT www-sonatype-com-3567 413 38 United United NNP www-sonatype-com-3567 413 39 States States NNP www-sonatype-com-3567 413 40 . . . www-sonatype-com-3567 413 41 ”41 ”41 NNP www-sonatype-com-3567 413 42 OASIS OASIS NNP www-sonatype-com-3567 413 43 OPEN OPEN NNP www-sonatype-com-3567 413 44 COMMAND command NN www-sonatype-com-3567 413 45 AND and CC www-sonatype-com-3567 413 46 CONTROL control NN www-sonatype-com-3567 413 47 ( ( -LRB- www-sonatype-com-3567 413 48 OPENC2 OPENC2 NNP www-sonatype-com-3567 413 49 ) ) -RRB- www-sonatype-com-3567 413 50 TC TC NNP www-sonatype-com-3567 413 51 In in IN www-sonatype-com-3567 413 52 October October NNP www-sonatype-com-3567 413 53 2019 2019 CD www-sonatype-com-3567 413 54 , , , www-sonatype-com-3567 413 55 members member NNS www-sonatype-com-3567 413 56 of of IN www-sonatype-com-3567 413 57 the the DT www-sonatype-com-3567 413 58 OASIS OASIS NNP www-sonatype-com-3567 413 59 Open Open NNP www-sonatype-com-3567 413 60 Command Command NNP www-sonatype-com-3567 413 61 and and CC www-sonatype-com-3567 413 62 Control Control NNP www-sonatype-com-3567 413 63 ( ( -LRB- www-sonatype-com-3567 413 64 OpenC2 openc2 NN www-sonatype-com-3567 413 65 ) ) -RRB- www-sonatype-com-3567 413 66 TC TC NNP www-sonatype-com-3567 413 67 started start VBD www-sonatype-com-3567 413 68 sharing share VBG www-sonatype-com-3567 413 69 documents document NNS www-sonatype-com-3567 413 70 , , , www-sonatype-com-3567 413 71 specifications specification NNS www-sonatype-com-3567 413 72 , , , www-sonatype-com-3567 413 73 lexicons lexicon NNS www-sonatype-com-3567 413 74 or or CC www-sonatype-com-3567 413 75 other other JJ www-sonatype-com-3567 413 76 artifacts artifact NNS www-sonatype-com-3567 413 77 on on IN www-sonatype-com-3567 413 78 GitHub GitHub NNP www-sonatype-com-3567 413 79 aimed aim VBD www-sonatype-com-3567 413 80 to to TO www-sonatype-com-3567 413 
81 fulfill fulfill VB www-sonatype-com-3567 413 82 the the DT www-sonatype-com-3567 413 83 needs need NNS www-sonatype-com-3567 413 84 of of IN www-sonatype-com-3567 413 85 cyber cyber NNP www-sonatype-com-3567 413 86 security security NN www-sonatype-com-3567 413 87 command command NN www-sonatype-com-3567 413 88 and and CC www-sonatype-com-3567 413 89 control control NN www-sonatype-com-3567 413 90 in in IN www-sonatype-com-3567 413 91 a a DT www-sonatype-com-3567 413 92 stan- stan- NN www-sonatype-com-3567 413 93 dardized dardize VBN www-sonatype-com-3567 413 94 manner manner NN www-sonatype-com-3567 413 95 . . . www-sonatype-com-3567 414 1 Among among IN www-sonatype-com-3567 414 2 them -PRON- PRP www-sonatype-com-3567 414 3 , , , www-sonatype-com-3567 414 4 the the DT www-sonatype-com-3567 414 5 Department Department NNP www-sonatype-com-3567 414 6 of of IN www-sonatype-com-3567 414 7 Defense Defense NNP www-sonatype-com-3567 414 8 comply comply NN www-sonatype-com-3567 414 9 - - HYPH www-sonatype-com-3567 414 10 to to IN www-sonatype-com-3567 414 11 - - HYPH www-sonatype-com-3567 414 12 connect connect VB www-sonatype-com-3567 414 13 use use NN www-sonatype-com-3567 414 14 case case NN www-sonatype-com-3567 414 15 defined define VBD www-sonatype-com-3567 414 16 an an DT www-sonatype-com-3567 414 17 early early JJ www-sonatype-com-3567 414 18 step step NN www-sonatype-com-3567 414 19 of of IN www-sonatype-com-3567 414 20 querying query VBG www-sonatype-com-3567 414 21 the the DT www-sonatype-com-3567 414 22 new new JJ www-sonatype-com-3567 414 23 device device NN www-sonatype-com-3567 414 24 requesting request VBG www-sonatype-com-3567 414 25 its -PRON- PRP$ www-sonatype-com-3567 414 26 “ " `` www-sonatype-com-3567 414 27 Software Software NNP www-sonatype-com-3567 414 28 Bill Bill NNP www-sonatype-com-3567 414 29 of of IN www-sonatype-com-3567 414 30 Materials Materials NNPS www-sonatype-com-3567 414 31 ” " '' www-sonatype-com-3567 414 32 and and CC 
www-sonatype-com-3567 414 33 comparing compare VBG www-sonatype-com-3567 414 34 it -PRON- PRP www-sonatype-com-3567 414 35 to to IN www-sonatype-com-3567 414 36 policy policy NN www-sonatype-com-3567 414 37 as as IN www-sonatype-com-3567 414 38 part part NN www-sonatype-com-3567 414 39 of of IN www-sonatype-com-3567 414 40 an an DT www-sonatype-com-3567 414 41 acceptance acceptance NN www-sonatype-com-3567 414 42 process.42 process.42 NNP www-sonatype-com-3567 414 43 NATIONAL NATIONAL NNP www-sonatype-com-3567 414 44 TELECOMMUNICATIONS TELECOMMUNICATIONS NNP www-sonatype-com-3567 414 45 AND and CC www-sonatype-com-3567 414 46 INFORMATION INFORMATION NNP www-sonatype-com-3567 414 47 ADMINISTRATION ADMINISTRATION NNP www-sonatype-com-3567 414 48 Over over IN www-sonatype-com-3567 414 49 the the DT www-sonatype-com-3567 414 50 past past JJ www-sonatype-com-3567 414 51 year year NN www-sonatype-com-3567 414 52 , , , www-sonatype-com-3567 414 53 the the DT www-sonatype-com-3567 414 54 National National NNP www-sonatype-com-3567 414 55 Telecommunications Telecommunications NNPS www-sonatype-com-3567 414 56 and and CC www-sonatype-com-3567 414 57 Information Information NNP www-sonatype-com-3567 414 58 Administration Administration NNP www-sonatype-com-3567 414 59 ( ( -LRB- www-sonatype-com-3567 414 60 NTIA NTIA NNP www-sonatype-com-3567 414 61 ) ) -RRB- www-sonatype-com-3567 414 62 continued continue VBD www-sonatype-com-3567 414 63 its -PRON- PRP$ www-sonatype-com-3567 414 64 pursuit pursuit NN www-sonatype-com-3567 414 65 to to TO www-sonatype-com-3567 414 66 establish establish VB www-sonatype-com-3567 414 67 the the DT www-sonatype-com-3567 414 68 definition definition NN www-sonatype-com-3567 414 69 formats format NNS www-sonatype-com-3567 414 70 and and CC www-sonatype-com-3567 414 71 standards standard NNS www-sonatype-com-3567 414 72 for for IN www-sonatype-com-3567 414 73 a a DT www-sonatype-com-3567 414 74 Software Software NNP www-sonatype-com-3567 414 75 Bill 
Bill NNP www-sonatype-com-3567 414 76 of of IN www-sonatype-com-3567 414 77 Materials Materials NNP www-sonatype-com-3567 414 78 ( ( -LRB- www-sonatype-com-3567 414 79 SBOM SBOM NNP www-sonatype-com-3567 414 80 ) ) -RRB- www-sonatype-com-3567 414 81 . . . www-sonatype-com-3567 415 1 This this DT www-sonatype-com-3567 415 2 multi- multi- JJ www-sonatype-com-3567 415 3 year year NN www-sonatype-com-3567 415 4 , , , www-sonatype-com-3567 415 5 non non JJ www-sonatype-com-3567 415 6 - - JJ www-sonatype-com-3567 415 7 partisan partisan JJ www-sonatype-com-3567 415 8 initiative initiative NN www-sonatype-com-3567 415 9 aims aim VBZ www-sonatype-com-3567 415 10 to to TO www-sonatype-com-3567 415 11 define define VB www-sonatype-com-3567 415 12 SBOM sbom NN www-sonatype-com-3567 415 13 concepts concept NNS www-sonatype-com-3567 415 14 and and CC www-sonatype-com-3567 415 15 related related JJ www-sonatype-com-3567 415 16 terms term NNS www-sonatype-com-3567 415 17 , , , www-sonatype-com-3567 415 18 offers offer VBZ www-sonatype-com-3567 415 19 a a DT www-sonatype-com-3567 415 20 baseline baseline NN www-sonatype-com-3567 415 21 of of IN www-sonatype-com-3567 415 22 how how WRB www-sonatype-com-3567 415 23 software software NN www-sonatype-com-3567 415 24 components component NNS www-sonatype-com-3567 415 25 are be VBP www-sonatype-com-3567 415 26 to to TO www-sonatype-com-3567 415 27 be be VB www-sonatype-com-3567 415 28 represented represent VBN www-sonatype-com-3567 415 29 , , , www-sonatype-com-3567 415 30 and and CC www-sonatype-com-3567 415 31 discusses discuss VBZ www-sonatype-com-3567 415 32 the the DT www-sonatype-com-3567 415 33 processes process NNS www-sonatype-com-3567 415 34 around around IN www-sonatype-com-3567 415 35 SBOM SBOM NNP www-sonatype-com-3567 415 36 cre- cre- NN www-sonatype-com-3567 415 37 ation ation NN www-sonatype-com-3567 415 38 . . . 
www-sonatype-com-3567 416 1 The the DT www-sonatype-com-3567 416 2 initiative initiative NN www-sonatype-com-3567 416 3 has have VBZ www-sonatype-com-3567 416 4 also also RB www-sonatype-com-3567 416 5 detailed detail VBN www-sonatype-com-3567 416 6 the the DT www-sonatype-com-3567 416 7 benefits benefit NNS www-sonatype-com-3567 416 8 of of IN www-sonatype-com-3567 416 9 building build VBG www-sonatype-com-3567 416 10 and and CC www-sonatype-com-3567 416 11 managing manage VBG www-sonatype-com-3567 416 12 SBOMs sbom NNS www-sonatype-com-3567 416 13 from from IN www-sonatype-com-3567 416 14 the the DT www-sonatype-com-3567 416 15 per- per- NN www-sonatype-com-3567 416 16 spective spective JJ www-sonatype-com-3567 416 17 of of IN www-sonatype-com-3567 416 18 those those DT www-sonatype-com-3567 416 19 who who WP www-sonatype-com-3567 416 20 make make VBP www-sonatype-com-3567 416 21 software software NN www-sonatype-com-3567 416 22 , , , www-sonatype-com-3567 416 23 those those DT www-sonatype-com-3567 416 24 who who WP www-sonatype-com-3567 416 25 choose choose VBP www-sonatype-com-3567 416 26 or or CC www-sonatype-com-3567 416 27 buy buy VBP www-sonatype-com-3567 416 28 software software NN www-sonatype-com-3567 416 29 , , , www-sonatype-com-3567 416 30 and and CC www-sonatype-com-3567 416 31 those those DT www-sonatype-com-3567 416 32 who who WP www-sonatype-com-3567 416 33 operate operate VBP www-sonatype-com-3567 416 34 it -PRON- PRP www-sonatype-com-3567 416 35 — — : www-sonatype-com-3567 416 36 characterizing characterize VBG www-sonatype-com-3567 416 37 security security NN www-sonatype-com-3567 416 38 , , , www-sonatype-com-3567 416 39 quality quality NN www-sonatype-com-3567 416 40 , , , www-sonatype-com-3567 416 41 efficiency efficiency NN www-sonatype-com-3567 416 42 , , , www-sonatype-com-3567 416 43 and and CC www-sonatype-com-3567 416 44 other other JJ www-sonatype-com-3567 416 45 organizational organizational JJ www-sonatype-com-3567 416 46 benefits 
benefit NNS www-sonatype-com-3567 416 47 . . . www-sonatype-com-3567 417 1 FOOD FOOD NNP www-sonatype-com-3567 417 2 AND and CC www-sonatype-com-3567 417 3 DRUG DRUG NNP www-sonatype-com-3567 417 4 ADMINISTRATION ADMINISTRATION NNP www-sonatype-com-3567 417 5 Working work VBG www-sonatype-com-3567 417 6 hand hand NN www-sonatype-com-3567 417 7 in in IN www-sonatype-com-3567 417 8 hand hand NN www-sonatype-com-3567 417 9 with with IN www-sonatype-com-3567 417 10 the the DT www-sonatype-com-3567 417 11 U.S. U.S. NNP www-sonatype-com-3567 417 12 Food Food NNP www-sonatype-com-3567 417 13 and and CC www-sonatype-com-3567 417 14 Drug Drug NNP www-sonatype-com-3567 417 15 Administration Administration NNP www-sonatype-com-3567 417 16 ( ( -LRB- www-sonatype-com-3567 417 17 FDA FDA NNP www-sonatype-com-3567 417 18 ) ) -RRB- www-sonatype-com-3567 417 19 , , , www-sonatype-com-3567 417 20 the the DT www-sonatype-com-3567 417 21 NTIA NTIA NNP www-sonatype-com-3567 417 22 produced produce VBD www-sonatype-com-3567 417 23 a a DT www-sonatype-com-3567 417 24 report report NN www-sonatype-com-3567 417 25 documenting document VBG www-sonatype-com-3567 417 26 the the DT www-sonatype-com-3567 417 27 successful successful JJ www-sonatype-com-3567 417 28 execution execution NN www-sonatype-com-3567 417 29 and and CC www-sonatype-com-3567 417 30 lessons lesson NNS www-sonatype-com-3567 417 31 learned learn VBN www-sonatype-com-3567 417 32 of of IN www-sonatype-com-3567 417 33 a a DT www-sonatype-com-3567 417 34 proof proof NN www-sonatype-com-3567 417 35 - - HYPH www-sonatype-com-3567 417 36 of of IN www-sonatype-com-3567 417 37 - - HYPH www-sonatype-com-3567 417 38 concept concept NN www-sonatype-com-3567 417 39 exercise exercise NN www-sonatype-com-3567 417 40 led lead VBN www-sonatype-com-3567 417 41 by by IN www-sonatype-com-3567 417 42 medical medical JJ www-sonatype-com-3567 417 43 device device NN www-sonatype-com-3567 417 44 manufacturers manufacturer NNS www-sonatype-com-3567 
417 45 ( ( -LRB- www-sonatype-com-3567 417 46 MDMs MDMs NNPS www-sonatype-com-3567 417 47 ) ) -RRB- www-sonatype-com-3567 417 48 and and CC www-sonatype-com-3567 417 49 healthcare healthcare NN www-sonatype-com-3567 417 50 delivery delivery NN www-sonatype-com-3567 417 51 organizations organization NNS www-sonatype-com-3567 417 52 ( ( -LRB- www-sonatype-com-3567 417 53 HDOs hdo NNS www-sonatype-com-3567 417 54 ) ) -RRB- www-sonatype-com-3567 417 55 . . . www-sonatype-com-3567 418 1 The the DT www-sonatype-com-3567 418 2 exercise exercise NN www-sonatype-com-3567 418 3 examined examine VBD www-sonatype-com-3567 418 4 the the DT www-sonatype-com-3567 418 5 feasibility feasibility NN www-sonatype-com-3567 418 6 of of IN www-sonatype-com-3567 418 7 SBOMs sbom NNS www-sonatype-com-3567 418 8 being be VBG www-sonatype-com-3567 418 9 generated generate VBN www-sonatype-com-3567 418 10 by by IN www-sonatype-com-3567 418 11 MDMs mdm NNS www-sonatype-com-3567 418 12 and and CC www-sonatype-com-3567 418 13 used use VBN www-sonatype-com-3567 418 14 by by IN www-sonatype-com-3567 418 15 HDOs hdo NNS www-sonatype-com-3567 418 16 as as IN www-sonatype-com-3567 418 17 part part NN www-sonatype-com-3567 418 18 of of IN www-sonatype-com-3567 418 19 New new JJ www-sonatype-com-3567 418 20 guidance guidance NN www-sonatype-com-3567 418 21 released release VBN www-sonatype-com-3567 418 22 by by IN www-sonatype-com-3567 418 23 the the DT www-sonatype-com-3567 418 24 Centre Centre NNP www-sonatype-com-3567 418 25 advised advise VBD www-sonatype-com-3567 418 26 that that IN www-sonatype-com-3567 418 27 “ " `` www-sonatype-com-3567 418 28 third third NNP www-sonatype-com-3567 418 29 party party NNP www-sonatype-com-3567 418 30 coding code VBG www-sonatype-com-3567 418 31 frameworks framework NNS www-sonatype-com-3567 418 32 and and CC www-sonatype-com-3567 418 33 libraries library NNS www-sonatype-com-3567 418 34 also also RB www-sonatype-com-3567 418 35 need need VBP www-sonatype-com-3567 
418 36 to to TO www-sonatype-com-3567 418 37 be be VB www-sonatype-com-3567 418 38 considered consider VBN www-sonatype-com-3567 418 39 in in IN www-sonatype-com-3567 418 40 the the DT www-sonatype-com-3567 418 41 same same JJ www-sonatype-com-3567 418 42 light light NN www-sonatype-com-3567 418 43 as as IN www-sonatype-com-3567 418 44 the the DT www-sonatype-com-3567 418 45 code code NN www-sonatype-com-3567 418 46 you -PRON- PRP www-sonatype-com-3567 418 47 author author NN www-sonatype-com-3567 418 48 . . . www-sonatype-com-3567 419 1 If if IN www-sonatype-com-3567 419 2 third third JJ www-sonatype-com-3567 419 3 party party NN www-sonatype-com-3567 419 4 components component NNS www-sonatype-com-3567 419 5 are be VBP www-sonatype-com-3567 419 6 themselves -PRON- PRP www-sonatype-com-3567 419 7 vulnerable vulnerable JJ www-sonatype-com-3567 419 8 , , , www-sonatype-com-3567 419 9 this this DT www-sonatype-com-3567 419 10 is be VBZ www-sonatype-com-3567 419 11 likely likely JJ www-sonatype-com-3567 419 12 to to TO www-sonatype-com-3567 419 13 also also RB www-sonatype-com-3567 419 14 impact impact VB www-sonatype-com-3567 419 15 your -PRON- PRP$ www-sonatype-com-3567 419 16 system system NN www-sonatype-com-3567 419 17 . . . 
www-sonatype-com-3567 419 18 ” " '' www-sonatype-com-3567 419 19 382020 382020 CD www-sonatype-com-3567 419 20 STATE STATE NNP www-sonatype-com-3567 419 21 OF of IN www-sonatype-com-3567 419 22 THE the DT www-sonatype-com-3567 419 23 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 419 24 SUPPLY supply NN www-sonatype-com-3567 419 25 CHAIN chain NN www-sonatype-com-3567 419 26 REPORT report NN www-sonatype-com-3567 419 27 C c NN www-sonatype-com-3567 419 28 H h NN www-sonatype-com-3567 419 29 A a NN www-sonatype-com-3567 419 30 P p NN www-sonatype-com-3567 419 31 T t NN www-sonatype-com-3567 419 32 E e NN www-sonatype-com-3567 419 33 R r NN www-sonatype-com-3567 419 34 6 6 CD www-sonatype-com-3567 419 35 : : : www-sonatype-com-3567 419 36 T t NN www-sonatype-com-3567 419 37 H h NN www-sonatype-com-3567 419 38 E e NN www-sonatype-com-3567 419 39 C c NN www-sonatype-com-3567 419 40 H h NN www-sonatype-com-3567 419 41 A a NN www-sonatype-com-3567 419 42 N n NN www-sonatype-com-3567 419 43 G g NN www-sonatype-com-3567 419 44 IN in IN www-sonatype-com-3567 419 45 G g NN www-sonatype-com-3567 419 46 O o NN www-sonatype-com-3567 419 47 S s NN www-sonatype-com-3567 419 48 S s NN www-sonatype-com-3567 419 49 L l NN www-sonatype-com-3567 419 50 A A NNP www-sonatype-com-3567 419 51 N N NNP www-sonatype-com-3567 419 52 D d NN www-sonatype-com-3567 419 53 S s NN www-sonatype-com-3567 419 54 C c NN www-sonatype-com-3567 419 55 A a NN www-sonatype-com-3567 419 56 P p NN www-sonatype-com-3567 419 57 E e NN www-sonatype-com-3567 419 58 : : : www-sonatype-com-3567 419 59 S s NN www-sonatype-com-3567 419 60 O o NN www-sonatype-com-3567 419 61 C c NN www-sonatype-com-3567 419 62 IA ia NN www-sonatype-com-3567 419 63 L l NN www-sonatype-com-3567 419 64 A A NNP www-sonatype-com-3567 419 65 C c NN www-sonatype-com-3567 419 66 T t NN www-sonatype-com-3567 419 67 IV iv NN www-sonatype-com-3567 419 68 IS be VBZ www-sonatype-com-3567 419 69 M M NNP www-sonatype-com-3567 419 70 A A NNP 
www-sonatype-com-3567 419 71 N n NN www-sonatype-com-3567 419 72 D d NN www-sonatype-com-3567 419 73 G g NN www-sonatype-com-3567 419 74 O o NN www-sonatype-com-3567 419 75 V v NN www-sonatype-com-3567 419 76 E e NN www-sonatype-com-3567 419 77 R r NN www-sonatype-com-3567 419 78 N n NN www-sonatype-com-3567 419 79 M m NN www-sonatype-com-3567 419 80 E e NN www-sonatype-com-3567 419 81 N n NN www-sonatype-com-3567 419 82 T t NN www-sonatype-com-3567 419 83 S s NN www-sonatype-com-3567 419 84 T t NN www-sonatype-com-3567 419 85 A a NN www-sonatype-com-3567 419 86 N n NN www-sonatype-com-3567 419 87 D d NN www-sonatype-com-3567 419 88 A a NN www-sonatype-com-3567 419 89 R r NN www-sonatype-com-3567 419 90 D d NN www-sonatype-com-3567 419 91 S s NN www-sonatype-com-3567 419 92 operational operational JJ www-sonatype-com-3567 419 93 and and CC www-sonatype-com-3567 419 94 risk risk NN www-sonatype-com-3567 419 95 management management NN www-sonatype-com-3567 419 96 approaches approach NNS www-sonatype-com-3567 419 97 to to IN www-sonatype-com-3567 419 98 medical medical JJ www-sonatype-com-3567 419 99 devices device NNS www-sonatype-com-3567 419 100 at at IN www-sonatype-com-3567 419 101 their -PRON- PRP$ www-sonatype-com-3567 419 102 hospitals.43 hospitals.43 NNP www-sonatype-com-3567 419 103 NATIONAL NATIONAL NNP www-sonatype-com-3567 419 104 DEFENSE DEFENSE NNP www-sonatype-com-3567 419 105 AUTHORIZATION AUTHORIZATION NNP www-sonatype-com-3567 419 106 ACT ACT NNP www-sonatype-com-3567 419 107 FOR for IN www-sonatype-com-3567 419 108 FISCAL FISCAL NNP www-sonatype-com-3567 419 109 YEAR year NN www-sonatype-com-3567 419 110 2020 2020 CD www-sonatype-com-3567 419 111 In in IN www-sonatype-com-3567 419 112 December December NNP www-sonatype-com-3567 419 113 2019 2019 CD www-sonatype-com-3567 419 114 , , , www-sonatype-com-3567 419 115 the the DT www-sonatype-com-3567 419 116 NDAA NDAA NNP www-sonatype-com-3567 419 117 — — : www-sonatype-com-3567 419 118 now now RB 
www-sonatype-com-3567 419 119 signed sign VBN www-sonatype-com-3567 419 120 into into IN www-sonatype-com-3567 419 121 law law NN www-sonatype-com-3567 419 122 , , , www-sonatype-com-3567 419 123 called call VBD www-sonatype-com-3567 419 124 for for IN www-sonatype-com-3567 419 125 the the DT www-sonatype-com-3567 419 126 U.S. U.S. NNP www-sonatype-com-3567 419 127 Secretary Secretary NNP www-sonatype-com-3567 419 128 of of IN www-sonatype-com-3567 419 129 Defense Defense NNP www-sonatype-com-3567 419 130 to to TO www-sonatype-com-3567 419 131 establish establish VB www-sonatype-com-3567 419 132 pathways pathway NNS www-sonatype-com-3567 419 133 for for IN www-sonatype-com-3567 419 134 the the DT www-sonatype-com-3567 419 135 efficient efficient JJ www-sonatype-com-3567 419 136 and and CC www-sonatype-com-3567 419 137 effective effective JJ www-sonatype-com-3567 419 138 acquisition acquisition NN www-sonatype-com-3567 419 139 , , , www-sonatype-com-3567 419 140 development development NN www-sonatype-com-3567 419 141 , , , www-sonatype-com-3567 419 142 integration integration NN www-sonatype-com-3567 419 143 , , , www-sonatype-com-3567 419 144 and and CC www-sonatype-com-3567 419 145 timely timely JJ www-sonatype-com-3567 419 146 delivery delivery NN www-sonatype-com-3567 419 147 of of IN www-sonatype-com-3567 419 148 secure secure JJ www-sonatype-com-3567 419 149 software software NN www-sonatype-com-3567 419 150 . . . 
www-sonatype-com-3567 420 1 The the DT www-sonatype-com-3567 420 2 Act Act NNP www-sonatype-com-3567 420 3 included include VBD www-sonatype-com-3567 420 4 the the DT www-sonatype-com-3567 420 5 requirement requirement NN www-sonatype-com-3567 420 6 for for IN www-sonatype-com-3567 420 7 software software NN www-sonatype-com-3567 420 8 security security NN www-sonatype-com-3567 420 9 testing testing NN www-sonatype-com-3567 420 10 that that WDT www-sonatype-com-3567 420 11 includes include VBZ www-sonatype-com-3567 420 12 vulnerability vulnerability NN www-sonatype-com-3567 420 13 scanning scanning NN www-sonatype-com-3567 420 14 and and CC www-sonatype-com-3567 420 15 also also RB www-sonatype-com-3567 420 16 asks ask VBZ www-sonatype-com-3567 420 17 for for IN www-sonatype-com-3567 420 18 the the DT www-sonatype-com-3567 420 19 establishment establishment NN www-sonatype-com-3567 420 20 of of IN www-sonatype-com-3567 420 21 DevSecOps DevSecOps NNP www-sonatype-com-3567 420 22 practices practice NNS www-sonatype-com-3567 420 23 inside inside IN www-sonatype-com-3567 420 24 the the DT www-sonatype-com-3567 420 25 Department Department NNP www-sonatype-com-3567 420 26 of of IN www-sonatype-com-3567 420 27 Defense Defense NNP www-sonatype-com-3567 420 28 . . . 
www-sonatype-com-3567 421 1 Section section NN www-sonatype-com-3567 421 2 800 800 CD www-sonatype-com-3567 421 3 of of IN www-sonatype-com-3567 421 4 the the DT www-sonatype-com-3567 421 5 Act Act NNP www-sonatype-com-3567 421 6 required require VBN www-sonatype-com-3567 421 7 “ " `` www-sonatype-com-3567 421 8 assurances assurance NNS www-sonatype-com-3567 421 9 that that IN www-sonatype-com-3567 421 10 cybersecurity cybersecurity NN www-sonatype-com-3567 421 11 metrics metric NNS www-sonatype-com-3567 421 12 of of IN www-sonatype-com-3567 421 13 the the DT www-sonatype-com-3567 421 14 software software NN www-sonatype-com-3567 421 15 to to TO www-sonatype-com-3567 421 16 be be VB www-sonatype-com-3567 421 17 acquired acquire VBN www-sonatype-com-3567 421 18 or or CC www-sonatype-com-3567 421 19 developed develop VBN www-sonatype-com-3567 421 20 , , , www-sonatype-com-3567 421 21 such such JJ www-sonatype-com-3567 421 22 as as IN www-sonatype-com-3567 421 23 metrics metric NNS www-sonatype-com-3567 421 24 relating relate VBG www-sonatype-com-3567 421 25 to to IN www-sonatype-com-3567 421 26 the the DT www-sonatype-com-3567 421 27 density density NN www-sonatype-com-3567 421 28 of of IN www-sonatype-com-3567 421 29 vulnerabilities vulnerability NNS www-sonatype-com-3567 421 30 within within IN www-sonatype-com-3567 421 31 the the DT www-sonatype-com-3567 421 32 code code NN www-sonatype-com-3567 421 33 of of IN www-sonatype-com-3567 421 34 such such JJ www-sonatype-com-3567 421 35 software software NN www-sonatype-com-3567 421 36 , , , www-sonatype-com-3567 421 37 the the DT www-sonatype-com-3567 421 38 time time NN www-sonatype-com-3567 421 39 from from IN www-sonatype-com-3567 421 40 vulnerability vulnerability NN www-sonatype-com-3567 421 41 identification identification NN www-sonatype-com-3567 421 42 to to TO www-sonatype-com-3567 421 43 patch patch VB www-sonatype-com-3567 421 44 availability availability NN www-sonatype-com-3567 421 45 , , , 
www-sonatype-com-3567 421 46 the the DT www-sonatype-com-3567 421 47 existence existence NN www-sonatype-com-3567 421 48 of of IN www-sonatype-com-3567 421 49 common common JJ www-sonatype-com-3567 421 50 weaknesses weakness NNS www-sonatype-com-3567 421 51 within within IN www-sonatype-com-3567 421 52 such such JJ www-sonatype-com-3567 421 53 code code NN www-sonatype-com-3567 421 54 , , , www-sonatype-com-3567 421 55 and and CC www-sonatype-com-3567 421 56 other other JJ www-sonatype-com-3567 421 57 cybersecurity cybersecurity NN www-sonatype-com-3567 421 58 metrics metric NNS www-sonatype-com-3567 421 59 based base VBN www-sonatype-com-3567 421 60 on on IN www-sonatype-com-3567 421 61 widely widely RB www-sonatype-com-3567 421 62 - - HYPH www-sonatype-com-3567 421 63 recognized recognize VBN www-sonatype-com-3567 421 64 standards standard NNS www-sonatype-com-3567 421 65 and and CC www-sonatype-com-3567 421 66 industry industry NN www-sonatype-com-3567 421 67 best good JJS www-sonatype-com-3567 421 68 practices practice NNS www-sonatype-com-3567 421 69 , , , www-sonatype-com-3567 421 70 are be VBP www-sonatype-com-3567 421 71 generated generate VBN www-sonatype-com-3567 421 72 and and CC www-sonatype-com-3567 421 73 made make VBN www-sonatype-com-3567 421 74 available available JJ www-sonatype-com-3567 421 75 to to IN www-sonatype-com-3567 421 76 the the DT www-sonatype-com-3567 421 77 Department Department NNP www-sonatype-com-3567 421 78 of of IN www-sonatype-com-3567 421 79 Defense Defense NNP www-sonatype-com-3567 421 80 and and CC www-sonatype-com-3567 421 81 the the DT www-sonatype-com-3567 421 82 congressional congressional JJ www-sonatype-com-3567 421 83 defense defense NN www-sonatype-com-3567 421 84 committees committee NNS www-sonatype-com-3567 421 85 . . . 
www-sonatype-com-3567 421 86 ”44 ”44 NNP www-sonatype-com-3567 421 87 NATIONAL NATIONAL NNP www-sonatype-com-3567 421 88 INSTITUTE INSTITUTE NNP www-sonatype-com-3567 421 89 OF of IN www-sonatype-com-3567 421 90 STANDARDS STANDARDS NNP www-sonatype-com-3567 421 91 AND and CC www-sonatype-com-3567 421 92 TECHNOLOGY TECHNOLOGY NNP www-sonatype-com-3567 421 93 In in IN www-sonatype-com-3567 421 94 April April NNP www-sonatype-com-3567 421 95 2020 2020 CD www-sonatype-com-3567 421 96 , , , www-sonatype-com-3567 421 97 NIST NIST NNP www-sonatype-com-3567 421 98 released release VBD www-sonatype-com-3567 421 99 new new JJ www-sonatype-com-3567 421 100 standards standard NNS www-sonatype-com-3567 421 101 for for IN www-sonatype-com-3567 421 102 improving improve VBG www-sonatype-com-3567 421 103 software software NN www-sonatype-com-3567 421 104 security security NN www-sonatype-com-3567 421 105 aimed aim VBN www-sonatype-com-3567 421 106 at at IN www-sonatype-com-3567 421 107 helping help VBG www-sonatype-com-3567 421 108 “ " `` www-sonatype-com-3567 421 109 software software NN www-sonatype-com-3567 421 110 producers producer NNS www-sonatype-com-3567 421 111 reduce reduce VBP www-sonatype-com-3567 421 112 the the DT www-sonatype-com-3567 421 113 number number NN www-sonatype-com-3567 421 114 of of IN www-sonatype-com-3567 421 115 vulnerabilities vulnerability NNS www-sonatype-com-3567 421 116 in in IN www-sonatype-com-3567 421 117 released release VBN www-sonatype-com-3567 421 118 software software NN www-sonatype-com-3567 421 119 , , , www-sonatype-com-3567 421 120 mitigate mitigate VB www-sonatype-com-3567 421 121 the the DT www-sonatype-com-3567 421 122 potential potential JJ www-sonatype-com-3567 421 123 impact impact NN www-sonatype-com-3567 421 124 of of IN www-sonatype-com-3567 421 125 the the DT www-sonatype-com-3567 421 126 exploitation exploitation NN www-sonatype-com-3567 421 127 of of IN www-sonatype-com-3567 421 128 undetected undetected JJ 
www-sonatype-com-3567 421 129 or or CC www-sonatype-com-3567 421 130 unaddressed unaddressed JJ www-sonatype-com-3567 421 131 vulnerabilities vulnerability NNS www-sonatype-com-3567 421 132 , , , www-sonatype-com-3567 421 133 and and CC www-sonatype-com-3567 421 134 address address VB www-sonatype-com-3567 421 135 the the DT www-sonatype-com-3567 421 136 root root NN www-sonatype-com-3567 421 137 causes cause NNS www-sonatype-com-3567 421 138 of of IN www-sonatype-com-3567 421 139 vulnerabilities vulnerability NNS www-sonatype-com-3567 421 140 to to TO www-sonatype-com-3567 421 141 prevent prevent VB www-sonatype-com-3567 421 142 future future JJ www-sonatype-com-3567 421 143 recurrences recurrence NNS www-sonatype-com-3567 421 144 . . . www-sonatype-com-3567 421 145 ”45 ”45 '' www-sonatype-com-3567 421 146 NIST NIST NNP www-sonatype-com-3567 421 147 ’s ’s POS www-sonatype-com-3567 421 148 Secure Secure NNP www-sonatype-com-3567 421 149 Software Software NNP www-sonatype-com-3567 421 150 Development Development NNP www-sonatype-com-3567 421 151 Framework Framework NNP www-sonatype-com-3567 421 152 offers offer VBZ www-sonatype-com-3567 421 153 several several JJ www-sonatype-com-3567 421 154 practices practice NNS www-sonatype-com-3567 421 155 to to TO www-sonatype-com-3567 421 156 improve improve VB www-sonatype-com-3567 421 157 the the DT www-sonatype-com-3567 421 158 management management NN www-sonatype-com-3567 421 159 of of IN www-sonatype-com-3567 421 160 open open JJ www-sonatype-com-3567 421 161 source source NN www-sonatype-com-3567 421 162 software software NN www-sonatype-com-3567 421 163 supply supply NN www-sonatype-com-3567 421 164 chains chain NNS www-sonatype-com-3567 421 165 , , , www-sonatype-com-3567 421 166 including include VBG www-sonatype-com-3567 421 167 : : : www-sonatype-com-3567 421 168 ⊲ ⊲ CD www-sonatype-com-3567 421 169 Create create VB www-sonatype-com-3567 421 170 and and CC www-sonatype-com-3567 421 171 maintain maintain VB 
www-sonatype-com-3567 421 172 a a DT www-sonatype-com-3567 421 173 software software NN www-sonatype-com-3567 421 174 bill bill NN www-sonatype-com-3567 421 175 of of IN www-sonatype-com-3567 421 176 materials material NNS www-sonatype-com-3567 421 177 ( ( -LRB- www-sonatype-com-3567 421 178 SBOM SBOM NNP www-sonatype-com-3567 421 179 ) ) -RRB- www-sonatype-com-3567 421 180 for for IN www-sonatype-com-3567 421 181 each each DT www-sonatype-com-3567 421 182 OSS oss NN www-sonatype-com-3567 421 183 component component NN www-sonatype-com-3567 421 184 used use VBN www-sonatype-com-3567 421 185 and and CC www-sonatype-com-3567 421 186 every every DT www-sonatype-com-3567 421 187 proprietary proprietary JJ www-sonatype-com-3567 421 188 software software NN www-sonatype-com-3567 421 189 package package NN www-sonatype-com-3567 421 190 created create VBN www-sonatype-com-3567 421 191 . . . www-sonatype-com-3567 422 1 ⊲ ⊲ NFP www-sonatype-com-3567 422 2 Securely securely RB www-sonatype-com-3567 422 3 archive archive JJ www-sonatype-com-3567 422 4 a a DT www-sonatype-com-3567 422 5 copy copy NN www-sonatype-com-3567 422 6 of of IN www-sonatype-com-3567 422 7 each each DT www-sonatype-com-3567 422 8 release release NN www-sonatype-com-3567 422 9 and and CC www-sonatype-com-3567 422 10 all all DT www-sonatype-com-3567 422 11 of of IN www-sonatype-com-3567 422 12 its -PRON- PRP$ www-sonatype-com-3567 422 13 components component NNS www-sonatype-com-3567 422 14 ( ( -LRB- www-sonatype-com-3567 422 15 e.g. e.g. 
RB www-sonatype-com-3567 422 16 , , , www-sonatype-com-3567 422 17 code code NN www-sonatype-com-3567 422 18 , , , www-sonatype-com-3567 422 19 package package NN www-sonatype-com-3567 422 20 files file NNS www-sonatype-com-3567 422 21 , , , www-sonatype-com-3567 422 22 OSS oss NN www-sonatype-com-3567 422 23 and and CC www-sonatype-com-3567 422 24 third third JJ www-sonatype-com-3567 422 25 - - HYPH www-sonatype-com-3567 422 26 party party NN www-sonatype-com-3567 422 27 libraries library NNS www-sonatype-com-3567 422 28 , , , www-sonatype-com-3567 422 29 documentation documentation NN www-sonatype-com-3567 422 30 ) ) -RRB- www-sonatype-com-3567 422 31 , , , www-sonatype-com-3567 422 32 and and CC www-sonatype-com-3567 422 33 release release VB www-sonatype-com-3567 422 34 integrity integrity NN www-sonatype-com-3567 422 35 verification verification NN www-sonatype-com-3567 422 36 information information NN www-sonatype-com-3567 422 37 . . . www-sonatype-com-3567 423 1 ⊲ ⊲ NFP www-sonatype-com-3567 423 2 See see VB www-sonatype-com-3567 423 3 if if IN www-sonatype-com-3567 423 4 there there EX www-sonatype-com-3567 423 5 are be VBP www-sonatype-com-3567 423 6 publicly publicly RB www-sonatype-com-3567 423 7 known know VBN www-sonatype-com-3567 423 8 vulnerabilities vulnerability NNS www-sonatype-com-3567 423 9 in in IN www-sonatype-com-3567 423 10 the the DT www-sonatype-com-3567 423 11 OSS OSS NNP www-sonatype-com-3567 423 12 software software NN www-sonatype-com-3567 423 13 components component NNS www-sonatype-com-3567 423 14 and and CC www-sonatype-com-3567 423 15 services service NNS www-sonatype-com-3567 423 16 that that WDT www-sonatype-com-3567 423 17 the the DT www-sonatype-com-3567 423 18 vendor vendor NN www-sonatype-com-3567 423 19 has have VBZ www-sonatype-com-3567 423 20 not not RB www-sonatype-com-3567 423 21 yet yet RB www-sonatype-com-3567 423 22 fixed fix VBN www-sonatype-com-3567 423 23 . . . 
www-sonatype-com-3567 424 1 ⊲ ⊲ NFP www-sonatype-com-3567 424 2 Ensure ensure VB www-sonatype-com-3567 424 3 each each DT www-sonatype-com-3567 424 4 software software NN www-sonatype-com-3567 424 5 component component NN www-sonatype-com-3567 424 6 is be VBZ www-sonatype-com-3567 424 7 still still RB www-sonatype-com-3567 424 8 actively actively RB www-sonatype-com-3567 424 9 maintained maintain VBN www-sonatype-com-3567 424 10 , , , www-sonatype-com-3567 424 11 which which WDT www-sonatype-com-3567 424 12 should should MD www-sonatype-com-3567 424 13 include include VB www-sonatype-com-3567 424 14 new new JJ www-sonatype-com-3567 424 15 vulnerabil- vulnerabil- JJ www-sonatype-com-3567 424 16 ities itie NNS www-sonatype-com-3567 424 17 found find VBN www-sonatype-com-3567 424 18 in in IN www-sonatype-com-3567 424 19 the the DT www-sonatype-com-3567 424 20 software software NN www-sonatype-com-3567 424 21 being be VBG www-sonatype-com-3567 424 22 remediated remediate VBN www-sonatype-com-3567 424 23 . . . 
www-sonatype-com-3567 425 1 ⊲ ⊲ NFP www-sonatype-com-3567 425 2 Determine Determine NNP www-sonatype-com-3567 425 3 a a DT www-sonatype-com-3567 425 4 plan plan NN www-sonatype-com-3567 425 5 of of IN www-sonatype-com-3567 425 6 action action NN www-sonatype-com-3567 425 7 for for IN www-sonatype-com-3567 425 8 each each DT www-sonatype-com-3567 425 9 third third JJ www-sonatype-com-3567 425 10 party party NN www-sonatype-com-3567 425 11 and and CC www-sonatype-com-3567 425 12 OSS OSS NNP www-sonatype-com-3567 425 13 software software NN www-sonatype-com-3567 425 14 component component NN www-sonatype-com-3567 425 15 that that WDT www-sonatype-com-3567 425 16 is be VBZ www-sonatype-com-3567 425 17 no no DT www-sonatype-com-3567 425 18 longer long RBR www-sonatype-com-3567 425 19 being be VBG www-sonatype-com-3567 425 20 maintained maintain VBN www-sonatype-com-3567 425 21 or or CC www-sonatype-com-3567 425 22 available available JJ www-sonatype-com-3567 425 23 in in IN www-sonatype-com-3567 425 24 the the DT www-sonatype-com-3567 425 25 future future NN www-sonatype-com-3567 425 26 . . . www-sonatype-com-3567 426 1 ⊲ ⊲ NFP www-sonatype-com-3567 426 2 Use use VB www-sonatype-com-3567 426 3 the the DT www-sonatype-com-3567 426 4 results result NNS www-sonatype-com-3567 426 5 of of IN www-sonatype-com-3567 426 6 commercial commercial JJ www-sonatype-com-3567 426 7 services service NNS www-sonatype-com-3567 426 8 for for IN www-sonatype-com-3567 426 9 vetting vet VBG www-sonatype-com-3567 426 10 OSS OSS NNP www-sonatype-com-3567 426 11 software software NN www-sonatype-com-3567 426 12 components component NNS www-sonatype-com-3567 426 13 . . . 
www-sonatype-com-3567 427 1 ⊲ ⊲ NFP www-sonatype-com-3567 427 2 Establish establish VB www-sonatype-com-3567 427 3 an an DT www-sonatype-com-3567 427 4 organization organization NN www-sonatype-com-3567 427 5 - - HYPH www-sonatype-com-3567 427 6 wide wide JJ www-sonatype-com-3567 427 7 software software NN www-sonatype-com-3567 427 8 repository repository NN www-sonatype-com-3567 427 9 to to IN www-sonatype-com-3567 427 10 host host NN www-sonatype-com-3567 427 11 sanctioned sanction VBD www-sonatype-com-3567 427 12 and and CC www-sonatype-com-3567 427 13 vetted vet VBD www-sonatype-com-3567 427 14 OSS OSS NNP www-sonatype-com-3567 427 15 components component NNS www-sonatype-com-3567 427 16 . . . www-sonatype-com-3567 428 1 ⊲ ⊲ NFP www-sonatype-com-3567 428 2 Maintain maintain VB www-sonatype-com-3567 428 3 a a DT www-sonatype-com-3567 428 4 list list NN www-sonatype-com-3567 428 5 of of IN www-sonatype-com-3567 428 6 organization organization NN www-sonatype-com-3567 428 7 - - HYPH www-sonatype-com-3567 428 8 approved approve VBN www-sonatype-com-3567 428 9 commer- commer- JJ www-sonatype-com-3567 428 10 cial cial JJ www-sonatype-com-3567 428 11 OSS OSS NNP www-sonatype-com-3567 428 12 components component NNS www-sonatype-com-3567 428 13 and and CC www-sonatype-com-3567 428 14 component component NN www-sonatype-com-3567 428 15 versions version NNS www-sonatype-com-3567 428 16 . . . 
www-sonatype-com-3567 429 1 ⊲ ⊲ NFP www-sonatype-com-3567 429 2 Have have VBP www-sonatype-com-3567 429 3 a a DT www-sonatype-com-3567 429 4 security security NN www-sonatype-com-3567 429 5 response response NN www-sonatype-com-3567 429 6 playbook playbook NN www-sonatype-com-3567 429 7 to to TO www-sonatype-com-3567 429 8 handle handle VB www-sonatype-com-3567 429 9 a a DT www-sonatype-com-3567 429 10 generic generic JJ www-sonatype-com-3567 429 11 reported report VBN www-sonatype-com-3567 429 12 vulnerability vulnerability NN www-sonatype-com-3567 429 13 , , , www-sonatype-com-3567 429 14 a a DT www-sonatype-com-3567 429 15 report report NN www-sonatype-com-3567 429 16 of of IN www-sonatype-com-3567 429 17 zero- zero- NNP www-sonatype-com-3567 429 18 days day NNS www-sonatype-com-3567 429 19 , , , www-sonatype-com-3567 429 20 a a DT www-sonatype-com-3567 429 21 vulnerability vulnerability NN www-sonatype-com-3567 429 22 being be VBG www-sonatype-com-3567 429 23 exploited exploit VBN www-sonatype-com-3567 429 24 in in IN www-sonatype-com-3567 429 25 the the DT www-sonatype-com-3567 429 26 wild wild NN www-sonatype-com-3567 429 27 , , , www-sonatype-com-3567 429 28 and and CC www-sonatype-com-3567 429 29 a a DT www-sonatype-com-3567 429 30 major major JJ www-sonatype-com-3567 429 31 ongoing ongoing JJ www-sonatype-com-3567 429 32 incident incident NN www-sonatype-com-3567 429 33 involving involve VBG www-sonatype-com-3567 429 34 multiple multiple JJ www-sonatype-com-3567 429 35 parties.46 parties.46 NNP www-sonatype-com-3567 429 36 United United NNP www-sonatype-com-3567 429 37 Kingdom Kingdom NNP www-sonatype-com-3567 429 38 THE THE NNP www-sonatype-com-3567 429 39 NATIONAL NATIONAL NNP www-sonatype-com-3567 429 40 CYBER CYBER NNP www-sonatype-com-3567 429 41 SECURITY SECURITY NNP www-sonatype-com-3567 429 42 CENTRE CENTRE NNP www-sonatype-com-3567 429 43 : : : www-sonatype-com-3567 429 44 SECURE SECURE NNP www-sonatype-com-3567 429 45 DEVELOPMENT DEVELOPMENT NNP 
www-sonatype-com-3567 429 46 AND and CC www-sonatype-com-3567 429 47 DEPLOYMENT DEPLOYMENT NNP www-sonatype-com-3567 429 48 GUIDANCE GUIDANCE NNP www-sonatype-com-3567 429 49 The the DT www-sonatype-com-3567 429 50 Centre Centre NNP www-sonatype-com-3567 429 51 recognized recognize VBD www-sonatype-com-3567 429 52 that that IN www-sonatype-com-3567 429 53 software software NN www-sonatype-com-3567 429 54 development development NN www-sonatype-com-3567 429 55 practices practice NNS www-sonatype-com-3567 429 56 are be VBP www-sonatype-com-3567 429 57 becoming become VBG www-sonatype-com-3567 429 58 increasingly increasingly RB www-sonatype-com-3567 429 59 automated automated JJ www-sonatype-com-3567 429 60 and and CC www-sonatype-com-3567 429 61 reliant reliant JJ www-sonatype-com-3567 429 62 on on IN www-sonatype-com-3567 429 63 open open JJ www-sonatype-com-3567 429 64 source source NN www-sonatype-com-3567 429 65 and and CC www-sonatype-com-3567 429 66 third third JJ www-sonatype-com-3567 429 67 party party NN www-sonatype-com-3567 429 68 FIGURE figure NN www-sonatype-com-3567 429 69 6A 6a NN www-sonatype-com-3567 429 70 SOURCE SOURCE NNP www-sonatype-com-3567 429 71 : : : www-sonatype-com-3567 429 72 The the DT www-sonatype-com-3567 429 73 Australian Australian NNP www-sonatype-com-3567 429 74 Cyber Cyber NNP www-sonatype-com-3567 429 75 Security Security NNP www-sonatype-com-3567 429 76 Centre Centre NNP www-sonatype-com-3567 429 77 ( ( -LRB- www-sonatype-com-3567 429 78 ACSC ACSC NNP www-sonatype-com-3567 429 79 ) ) -RRB-
www-sonatype-com-3567 429 153 MITIGATION mitigation NN www-sonatype-com-3567 429 154 STRATEGY strategy NN www-sonatype-com-3567 429 155 MATURITY maturity NN www-sonatype-com-3567 429 156 LEVEL level NN www-sonatype-com-3567 429 157 ONE one CD www-sonatype-com-3567 429 158 MATURITY maturity NN www-sonatype-com-3567 429 159 LEVEL level NN www-sonatype-com-3567 429 160 TWO two CD www-sonatype-com-3567 429 161 MATURITY maturity NN www-sonatype-com-3567 429 162 LEVEL level NN www-sonatype-com-3567 429 163 THREE three CD www-sonatype-com-3567 429 164 Patch Patch NNP www-sonatype-com-3567 429 165 applications application NNS www-sonatype-com-3567 429 166 Security security NN www-sonatype-com-3567 429 167 vulnerabilities vulnerability NNS www-sonatype-com-3567 429 168 in in IN www-sonatype-com-3567 429 169 applications application NNS www-sonatype-com-3567 429 170 and and CC www-sonatype-com-3567 429 171 drivers driver NNS www-sonatype-com-3567 429 172 assessed assess VBD www-sonatype-com-3567 429 173 as as IN www-sonatype-com-3567 429 174 extreme extreme JJ www-sonatype-com-3567 429 175 risk risk NN www-sonatype-com-3567 429 176 are be VBP www-sonatype-com-3567 429 177 patched patch VBN www-sonatype-com-3567 429 178 , , , www-sonatype-com-3567 429 179 updated update VBN www-sonatype-com-3567 429 180 or or CC www-sonatype-com-3567 429 181 mitigated mitigate VBN www-sonatype-com-3567 429 182 within within IN www-sonatype-com-3567 429 183 one one CD www-sonatype-com-3567 429 184 month month NN www-sonatype-com-3567 429 185 of of IN www-sonatype-com-3567 429 186 the the DT www-sonatype-com-3567 429 187 security security NN www-sonatype-com-3567 429 
188 vulnerabilities vulnerability NNS www-sonatype-com-3567 429 189 being be VBG www-sonatype-com-3567 429 190 identified identify VBN www-sonatype-com-3567 429 191 by by IN www-sonatype-com-3567 429 192 vendors vendor NNS www-sonatype-com-3567 429 193 , , , www-sonatype-com-3567 429 194 independent independent JJ www-sonatype-com-3567 429 195 third third JJ www-sonatype-com-3567 429 196 parties party NNS www-sonatype-com-3567 429 197 , , , www-sonatype-com-3567 429 198 system system NN www-sonatype-com-3567 429 199 managers manager NNS www-sonatype-com-3567 429 200 or or CC www-sonatype-com-3567 429 201 users user NNS www-sonatype-com-3567 429 202 . . . www-sonatype-com-3567 430 1 Applications application NNS www-sonatype-com-3567 430 2 that that WDT www-sonatype-com-3567 430 3 are be VBP www-sonatype-com-3567 430 4 no no RB www-sonatype-com-3567 430 5 longer long RBR www-sonatype-com-3567 430 6 supported support VBN www-sonatype-com-3567 430 7 by by IN www-sonatype-com-3567 430 8 vendors vendor NNS www-sonatype-com-3567 430 9 with with IN www-sonatype-com-3567 430 10 patches patch NNS www-sonatype-com-3567 430 11 or or CC www-sonatype-com-3567 430 12 updates update NNS www-sonatype-com-3567 430 13 for for IN www-sonatype-com-3567 430 14 security security NN www-sonatype-com-3567 430 15 vul- vul- NN www-sonatype-com-3567 430 16 nerabilities nerabilitie NNS www-sonatype-com-3567 430 17 are be VBP www-sonatype-com-3567 430 18 updated update VBN www-sonatype-com-3567 430 19 or or CC www-sonatype-com-3567 430 20 replaced replace VBN www-sonatype-com-3567 430 21 with with IN www-sonatype-com-3567 430 22 vendor vendor NN www-sonatype-com-3567 430 23 - - HYPH www-sonatype-com-3567 430 24 sup- sup- JJ www-sonatype-com-3567 430 25 ported port VBN www-sonatype-com-3567 430 26 versions version NNS www-sonatype-com-3567 430 27 . . . 
www-sonatype-com-3567 431 1 Security security NN www-sonatype-com-3567 431 2 vulnerabilities vulnerability NNS www-sonatype-com-3567 431 3 in in IN www-sonatype-com-3567 431 4 applications application NNS www-sonatype-com-3567 431 5 and and CC www-sonatype-com-3567 431 6 drivers driver NNS www-sonatype-com-3567 431 7 assessed assess VBD www-sonatype-com-3567 431 8 as as IN www-sonatype-com-3567 431 9 extreme extreme JJ www-sonatype-com-3567 431 10 risk risk NN www-sonatype-com-3567 431 11 are be VBP www-sonatype-com-3567 431 12 patched patch VBN www-sonatype-com-3567 431 13 , , , www-sonatype-com-3567 431 14 updated update VBN www-sonatype-com-3567 431 15 or or CC www-sonatype-com-3567 431 16 mit- mit- RB www-sonatype-com-3567 431 17 igated igate VBN www-sonatype-com-3567 431 18 within within IN www-sonatype-com-3567 431 19 two two CD www-sonatype-com-3567 431 20 weeks week NNS www-sonatype-com-3567 431 21 of of IN www-sonatype-com-3567 431 22 the the DT www-sonatype-com-3567 431 23 security security NN www-sonatype-com-3567 431 24 vulnerabilities vulnerability NNS www-sonatype-com-3567 431 25 being be VBG www-sonatype-com-3567 431 26 identified identify VBN www-sonatype-com-3567 431 27 by by IN www-sonatype-com-3567 431 28 vendors vendor NNS www-sonatype-com-3567 431 29 , , , www-sonatype-com-3567 431 30 independent independent JJ www-sonatype-com-3567 431 31 third third JJ www-sonatype-com-3567 431 32 parties party NNS www-sonatype-com-3567 431 33 , , , www-sonatype-com-3567 431 34 system system NN www-sonatype-com-3567 431 35 managers manager NNS www-sonatype-com-3567 431 36 or or CC www-sonatype-com-3567 431 37 users user NNS www-sonatype-com-3567 431 38 . . . 
www-sonatype-com-3567 432 1 Applications application NNS www-sonatype-com-3567 432 2 that that WDT www-sonatype-com-3567 432 3 are be VBP www-sonatype-com-3567 432 4 no no DT www-sonatype-com-3567 432 5 lon- lon- NN www-sonatype-com-3567 432 6 ger ger NN www-sonatype-com-3567 432 7 supported support VBN www-sonatype-com-3567 432 8 by by IN www-sonatype-com-3567 432 9 vendors vendor NNS www-sonatype-com-3567 432 10 with with IN www-sonatype-com-3567 432 11 patches patch NNS www-sonatype-com-3567 432 12 or or CC www-sonatype-com-3567 432 13 updates update NNS www-sonatype-com-3567 432 14 for for IN www-sonatype-com-3567 432 15 security security NN www-sonatype-com-3567 432 16 vulnerabilities vulnerability NNS www-sonatype-com-3567 432 17 are be VBP www-sonatype-com-3567 432 18 updated update VBN www-sonatype-com-3567 432 19 or or CC www-sonatype-com-3567 432 20 replaced replace VBN www-sonatype-com-3567 432 21 with with IN www-sonatype-com-3567 432 22 vendor vendor NN www-sonatype-com-3567 432 23 - - HYPH www-sonatype-com-3567 432 24 supported support VBN www-sonatype-com-3567 432 25 versions version NNS www-sonatype-com-3567 432 26 . . . 
www-sonatype-com-3567 433 1 Security security NN www-sonatype-com-3567 433 2 vulnerabilities vulnerability NNS www-sonatype-com-3567 433 3 in in IN www-sonatype-com-3567 433 4 applications application NNS www-sonatype-com-3567 433 5 and and CC www-sonatype-com-3567 433 6 drivers driver NNS www-sonatype-com-3567 433 7 assessed assess VBD www-sonatype-com-3567 433 8 as as IN www-sonatype-com-3567 433 9 extreme extreme JJ www-sonatype-com-3567 433 10 risk risk NN www-sonatype-com-3567 433 11 are be VBP www-sonatype-com-3567 433 12 patched patch VBN www-sonatype-com-3567 433 13 , , , www-sonatype-com-3567 433 14 updated update VBN www-sonatype-com-3567 433 15 or or CC www-sonatype-com-3567 433 16 mitigated mitigate VBN www-sonatype-com-3567 433 17 within within IN www-sonatype-com-3567 433 18 48 48 CD www-sonatype-com-3567 433 19 hours hour NNS www-sonatype-com-3567 433 20 of of IN www-sonatype-com-3567 433 21 the the DT www-sonatype-com-3567 433 22 security security NN www-sonatype-com-3567 433 23 vulnerabilities vulnerability NNS www-sonatype-com-3567 433 24 being be VBG www-sonatype-com-3567 433 25 identified identify VBN www-sonatype-com-3567 433 26 by by IN www-sonatype-com-3567 433 27 vendors vendor NNS www-sonatype-com-3567 433 28 , , , www-sonatype-com-3567 433 29 independent independent JJ www-sonatype-com-3567 433 30 third third JJ www-sonatype-com-3567 433 31 parties party NNS www-sonatype-com-3567 433 32 , , , www-sonatype-com-3567 433 33 system system NN www-sonatype-com-3567 433 34 managers manager NNS www-sonatype-com-3567 433 35 or or CC www-sonatype-com-3567 433 36 users user NNS www-sonatype-com-3567 433 37 . . . 
www-sonatype-com-3567 434 1 An an DT www-sonatype-com-3567 434 2 automated automate VBN www-sonatype-com-3567 434 3 mechanism mechanism NN www-sonatype-com-3567 434 4 is be VBZ www-sonatype-com-3567 434 5 used use VBN www-sonatype-com-3567 434 6 to to TO www-sonatype-com-3567 434 7 confirm confirm VB www-sonatype-com-3567 434 8 and and CC www-sonatype-com-3567 434 9 record record VB www-sonatype-com-3567 434 10 that that WDT www-sonatype-com-3567 434 11 deployed deploy VBN www-sonatype-com-3567 434 12 application application NN www-sonatype-com-3567 434 13 and and CC www-sonatype-com-3567 434 14 driver driver NN www-sonatype-com-3567 434 15 patches patch NNS www-sonatype-com-3567 434 16 or or CC www-sonatype-com-3567 434 17 updates update NNS www-sonatype-com-3567 434 18 have have VBP www-sonatype-com-3567 434 19 been be VBN www-sonatype-com-3567 434 20 installed instal VBN www-sonatype-com-3567 434 21 , , , www-sonatype-com-3567 434 22 applied apply VBN www-sonatype-com-3567 434 23 success- success- NN www-sonatype-com-3567 434 24 fully fully RB www-sonatype-com-3567 434 25 and and CC www-sonatype-com-3567 434 26 remain remain VBP www-sonatype-com-3567 434 27 in in IN www-sonatype-com-3567 434 28 place place NN www-sonatype-com-3567 434 29 . . . 
www-sonatype-com-3567 435 1 Applications application NNS www-sonatype-com-3567 435 2 that that WDT www-sonatype-com-3567 435 3 are be VBP www-sonatype-com-3567 435 4 no no RB www-sonatype-com-3567 435 5 longer long RBR www-sonatype-com-3567 435 6 supported support VBN www-sonatype-com-3567 435 7 by by IN www-sonatype-com-3567 435 8 vendors vendor NNS www-sonatype-com-3567 435 9 with with IN www-sonatype-com-3567 435 10 patches patch NNS www-sonatype-com-3567 435 11 or or CC www-sonatype-com-3567 435 12 updates update NNS www-sonatype-com-3567 435 13 for for IN www-sonatype-com-3567 435 14 security security NN www-sonatype-com-3567 435 15 vulnerabilities vulnerability NNS www-sonatype-com-3567 435 16 are be VBP www-sonatype-com-3567 435 17 updated update VBN www-sonatype-com-3567 435 18 or or CC www-sonatype-com-3567 435 19 replaced replace VBN www-sonatype-com-3567 435 20 with with IN www-sonatype-com-3567 435 21 vendor vendor NN www-sonatype-com-3567 435 22 - - HYPH www-sonatype-com-3567 435 23 supported support VBN www-sonatype-com-3567 435 24 versions version NNS www-sonatype-com-3567 435 25 . . . www-sonatype-com-3567 436 1 components component NNS www-sonatype-com-3567 436 2 . . . 
www-sonatype-com-3567 437 1 New new JJ www-sonatype-com-3567 437 2 guidance guidance NN www-sonatype-com-3567 437 3 released release VBN www-sonatype-com-3567 437 4 by by IN www-sonatype-com-3567 437 5 the the DT www-sonatype-com-3567 437 6 Centre Centre NNP www-sonatype-com-3567 437 7 advised advise VBD www-sonatype-com-3567 437 8 that that IN www-sonatype-com-3567 437 9 “ " `` www-sonatype-com-3567 437 10 third third NNP www-sonatype-com-3567 437 11 party party NNP www-sonatype-com-3567 437 12 coding code VBG www-sonatype-com-3567 437 13 frameworks framework NNS www-sonatype-com-3567 437 14 and and CC www-sonatype-com-3567 437 15 libraries library NNS www-sonatype-com-3567 437 16 also also RB www-sonatype-com-3567 437 17 need need VBP www-sonatype-com-3567 437 18 to to TO www-sonatype-com-3567 437 19 be be VB www-sonatype-com-3567 437 20 considered consider VBN www-sonatype-com-3567 437 21 in in IN www-sonatype-com-3567 437 22 the the DT www-sonatype-com-3567 437 23 same same JJ www-sonatype-com-3567 437 24 light light NN www-sonatype-com-3567 437 25 as as IN www-sonatype-com-3567 437 26 the the DT www-sonatype-com-3567 437 27 code code NN www-sonatype-com-3567 437 28 you -PRON- PRP www-sonatype-com-3567 437 29 author author NN www-sonatype-com-3567 437 30 . . . 
www-sonatype-com-3567 438 1 If if IN www-sonatype-com-3567 438 2 third third JJ www-sonatype-com-3567 438 3 party party NN www-sonatype-com-3567 438 4 compo- compo- NN www-sonatype-com-3567 438 5 nents nent NNS www-sonatype-com-3567 438 6 are be VBP www-sonatype-com-3567 438 7 themselves -PRON- PRP www-sonatype-com-3567 438 8 vulnerable vulnerable JJ www-sonatype-com-3567 438 9 , , , www-sonatype-com-3567 438 10 this this DT www-sonatype-com-3567 438 11 is be VBZ www-sonatype-com-3567 438 12 likely likely JJ www-sonatype-com-3567 438 13 to to TO www-sonatype-com-3567 438 14 also also RB www-sonatype-com-3567 438 15 impact impact VB www-sonatype-com-3567 438 16 your -PRON- PRP$ www-sonatype-com-3567 438 17 system system NN www-sonatype-com-3567 438 18 . . . www-sonatype-com-3567 438 19 ”47 ”47 '' www-sonatype-com-3567 438 20 In in IN www-sonatype-com-3567 438 21 an an DT www-sonatype-com-3567 438 22 effort effort NN www-sonatype-com-3567 438 23 to to TO www-sonatype-com-3567 438 24 help help VB www-sonatype-com-3567 438 25 development development NN www-sonatype-com-3567 438 26 teams team NNS www-sonatype-com-3567 438 27 evaluate evaluate VB www-sonatype-com-3567 438 28 their -PRON- PRP$ www-sonatype-com-3567 438 29 OSS oss NN www-sonatype-com-3567 438 30 components component NNS www-sonatype-com-3567 438 31 and and CC www-sonatype-com-3567 438 32 reduce reduce VB www-sonatype-com-3567 438 33 security security NN www-sonatype-com-3567 438 34 risk risk NN www-sonatype-com-3567 438 35 , , , www-sonatype-com-3567 438 36 the the DT www-sonatype-com-3567 438 37 Centre Centre NNP www-sonatype-com-3567 438 38 provided provide VBD www-sonatype-com-3567 438 39 the the DT www-sonatype-com-3567 438 40 following follow VBG www-sonatype-com-3567 438 41 eight eight CD www-sonatype-com-3567 438 42 questions question NNS www-sonatype-com-3567 438 43 : : : www-sonatype-com-3567 438 44 ⊲ ⊲ NFP www-sonatype-com-3567 438 45 If if IN www-sonatype-com-3567 438 46 there there EX 
www-sonatype-com-3567 438 47 is be VBZ www-sonatype-com-3567 438 48 a a DT www-sonatype-com-3567 438 49 security security NN www-sonatype-com-3567 438 50 vulnerability vulnerability NN www-sonatype-com-3567 438 51 in in IN www-sonatype-com-3567 438 52 the the DT www-sonatype-com-3567 438 53 third third JJ www-sonatype-com-3567 438 54 party party NN www-sonatype-com-3567 438 55 components component NNS www-sonatype-com-3567 438 56 of of IN www-sonatype-com-3567 438 57 your -PRON- PRP$ www-sonatype-com-3567 438 58 code code NN www-sonatype-com-3567 438 59 , , , www-sonatype-com-3567 438 60 what what WP www-sonatype-com-3567 438 61 security security NN www-sonatype-com-3567 438 62 impact impact NN www-sonatype-com-3567 438 63 may may MD www-sonatype-com-3567 438 64 this this DT www-sonatype-com-3567 438 65 have have VB www-sonatype-com-3567 438 66 on on IN www-sonatype-com-3567 438 67 your -PRON- PRP$ www-sonatype-com-3567 438 68 system system NN www-sonatype-com-3567 438 69 ? ? . www-sonatype-com-3567 439 1 ⊲ ⊲ NFP www-sonatype-com-3567 439 2 Is be VBZ www-sonatype-com-3567 439 3 the the DT www-sonatype-com-3567 439 4 dependency dependency NN www-sonatype-com-3567 439 5 actively actively RB www-sonatype-com-3567 439 6 developed develop VBN www-sonatype-com-3567 439 7 and and CC www-sonatype-com-3567 439 8 maintained maintain VBN www-sonatype-com-3567 439 9 ? ? . 
www-sonatype-com-3567 440 1 ⊲ ⊲ NFP www-sonatype-com-3567 440 2 If if IN www-sonatype-com-3567 440 3 a a DT www-sonatype-com-3567 440 4 vulnerability vulnerability NN www-sonatype-com-3567 440 5 is be VBZ www-sonatype-com-3567 440 6 found find VBN www-sonatype-com-3567 440 7 in in IN www-sonatype-com-3567 440 8 one one CD www-sonatype-com-3567 440 9 of of IN www-sonatype-com-3567 440 10 your -PRON- PRP$ www-sonatype-com-3567 440 11 depen- depen- FW www-sonatype-com-3567 440 12 dencies dencie NNS www-sonatype-com-3567 440 13 , , , www-sonatype-com-3567 440 14 would would MD www-sonatype-com-3567 440 15 you -PRON- PRP www-sonatype-com-3567 440 16 know know VB www-sonatype-com-3567 440 17 ? ? . www-sonatype-com-3567 441 1 Who who WP www-sonatype-com-3567 441 2 would would MD www-sonatype-com-3567 441 3 fix fix VB www-sonatype-com-3567 441 4 it -PRON- PRP www-sonatype-com-3567 441 5 ? ? . www-sonatype-com-3567 442 1 ⊲ ⊲ NFP www-sonatype-com-3567 442 2 Are be VBP www-sonatype-com-3567 442 3 you -PRON- PRP www-sonatype-com-3567 442 4 using use VBG www-sonatype-com-3567 442 5 any any DT www-sonatype-com-3567 442 6 old old JJ www-sonatype-com-3567 442 7 versions version NNS www-sonatype-com-3567 442 8 of of IN www-sonatype-com-3567 442 9 third third JJ www-sonatype-com-3567 442 10 party party NNP www-sonatype-com-3567 442 11 code code NN www-sonatype-com-3567 442 12 known know VBN www-sonatype-com-3567 442 13 to to TO www-sonatype-com-3567 442 14 contain contain VB www-sonatype-com-3567 442 15 security security NN www-sonatype-com-3567 442 16 vulnerabilities vulnerability NNS www-sonatype-com-3567 442 17 ? ? . 
www-sonatype-com-3567 443 1 ⊲ ⊲ NFP www-sonatype-com-3567 443 2 Do do VBP www-sonatype-com-3567 443 3 you -PRON- PRP www-sonatype-com-3567 443 4 know know VB www-sonatype-com-3567 443 5 anything anything NN www-sonatype-com-3567 443 6 about about IN www-sonatype-com-3567 443 7 the the DT www-sonatype-com-3567 443 8 author author NN www-sonatype-com-3567 443 9 and and CC www-sonatype-com-3567 443 10 maintainer maintainer NN www-sonatype-com-3567 443 11 of of IN www-sonatype-com-3567 443 12 the the DT www-sonatype-com-3567 443 13 dependency dependency NN www-sonatype-com-3567 443 14 ? ? . www-sonatype-com-3567 444 1 How how WRB www-sonatype-com-3567 444 2 do do VBP www-sonatype-com-3567 444 3 they -PRON- PRP www-sonatype-com-3567 444 4 view view VB www-sonatype-com-3567 444 5 and and CC www-sonatype-com-3567 444 6 approach approach VB www-sonatype-com-3567 444 7 security security NN www-sonatype-com-3567 444 8 ? ? . www-sonatype-com-3567 445 1 ⊲ ⊲ NNP www-sonatype-com-3567 445 2 Does do VBZ www-sonatype-com-3567 445 3 the the DT www-sonatype-com-3567 445 4 dependency dependency NN www-sonatype-com-3567 445 5 have have VB www-sonatype-com-3567 445 6 any any DT www-sonatype-com-3567 445 7 history history NN www-sonatype-com-3567 445 8 of of IN www-sonatype-com-3567 445 9 security security NN www-sonatype-com-3567 445 10 vulnerabilities vulnerability NNS www-sonatype-com-3567 445 11 ? ? . 
www-sonatype-com-3567 446 1 What what WP www-sonatype-com-3567 446 2 ’s ’ VBZ www-sonatype-com-3567 446 3 important important JJ www-sonatype-com-3567 446 4 here here RB www-sonatype-com-3567 446 5 is be VBZ www-sonatype-com-3567 446 6 not not RB www-sonatype-com-3567 446 7 necessarily necessarily RB www-sonatype-com-3567 446 8 that that IN www-sonatype-com-3567 446 9 issues issue NNS www-sonatype-com-3567 446 10 are be VBP www-sonatype-com-3567 446 11 discovered discover VBN www-sonatype-com-3567 446 12 , , , www-sonatype-com-3567 446 13 but but CC www-sonatype-com-3567 446 14 how how WRB www-sonatype-com-3567 446 15 they -PRON- PRP www-sonatype-com-3567 446 16 are be VBP www-sonatype-com-3567 446 17 handled handle VBN www-sonatype-com-3567 446 18 . . . www-sonatype-com-3567 447 1 ⊲ ⊲ NFP www-sonatype-com-3567 447 2 If if IN www-sonatype-com-3567 447 3 third third JJ www-sonatype-com-3567 447 4 party party NN www-sonatype-com-3567 447 5 code code NN www-sonatype-com-3567 447 6 is be VBZ www-sonatype-com-3567 447 7 dynamically dynamically RB www-sonatype-com-3567 447 8 included include VBN www-sonatype-com-3567 447 9 into into IN www-sonatype-com-3567 447 10 your -PRON- PRP$ www-sonatype-com-3567 447 11 product product NN www-sonatype-com-3567 447 12 during during IN www-sonatype-com-3567 447 13 the the DT www-sonatype-com-3567 447 14 build build NN www-sonatype-com-3567 447 15 or or CC www-sonatype-com-3567 447 16 deployment deployment NN www-sonatype-com-3567 447 17 process process NN www-sonatype-com-3567 447 18 , , , www-sonatype-com-3567 447 19 can can MD www-sonatype-com-3567 447 20 you -PRON- PRP www-sonatype-com-3567 447 21 ensure ensure VB www-sonatype-com-3567 447 22 that that IN www-sonatype-com-3567 447 23 it -PRON- PRP www-sonatype-com-3567 447 24 ca can MD www-sonatype-com-3567 447 25 n’t not RB www-sonatype-com-3567 447 26 be be VB www-sonatype-com-3567 447 27 mali- mali- JJ www-sonatype-com-3567 447 28 ciously ciously RB www-sonatype-com-3567 447 29 
modified modify VBN www-sonatype-com-3567 447 30 ? ? . www-sonatype-com-3567 448 1 You -PRON- PRP www-sonatype-com-3567 448 2 could could MD www-sonatype-com-3567 448 3 achieve achieve VB www-sonatype-com-3567 448 4 this this DT www-sonatype-com-3567 448 5 by by IN www-sonatype-com-3567 448 6 verifying verify VBG www-sonatype-com-3567 448 7 its -PRON- PRP$ www-sonatype-com-3567 448 8 origin origin NN www-sonatype-com-3567 448 9 and and CC www-sonatype-com-3567 448 10 integrity integrity NN www-sonatype-com-3567 448 11 , , , www-sonatype-com-3567 448 12 for for IN www-sonatype-com-3567 448 13 example example NN www-sonatype-com-3567 448 14 . . . www-sonatype-com-3567 449 1 ⊲ ⊲ NFP www-sonatype-com-3567 449 2 If if IN www-sonatype-com-3567 449 3 the the DT www-sonatype-com-3567 449 4 third third JJ www-sonatype-com-3567 449 5 party party NN www-sonatype-com-3567 449 6 dependency dependency NN www-sonatype-com-3567 449 7 you -PRON- PRP www-sonatype-com-3567 449 8 are be VBP www-sonatype-com-3567 449 9 using use VBG www-sonatype-com-3567 449 10 is be VBZ www-sonatype-com-3567 449 11 configurable configurable JJ www-sonatype-com-3567 449 12 , , , www-sonatype-com-3567 449 13 consider consider VB www-sonatype-com-3567 449 14 disabling disable VBG www-sonatype-com-3567 449 15 or or CC www-sonatype-com-3567 449 16 removing remove VBG www-sonatype-com-3567 449 17 unneeded unneeded JJ www-sonatype-com-3567 449 18 functionality functionality NN www-sonatype-com-3567 449 19 which which WDT www-sonatype-com-3567 449 20 may may MD www-sonatype-com-3567 449 21 widen widen VB www-sonatype-com-3567 449 22 the the DT www-sonatype-com-3567 449 23 attack attack NN www-sonatype-com-3567 449 24 surface surface NN www-sonatype-com-3567 449 25 of of IN www-sonatype-com-3567 449 26 your -PRON- PRP$ www-sonatype-com-3567 449 27 product.48 product.48 NNP www-sonatype-com-3567 449 28 Australia Australia NNP www-sonatype-com-3567 449 29 This this DT www-sonatype-com-3567 449 30 year year NN 
www-sonatype-com-3567 449 31 , , , www-sonatype-com-3567 449 32 the the DT www-sonatype-com-3567 449 33 Australian Australian NNP www-sonatype-com-3567 449 34 Cyber Cyber NNP www-sonatype-com-3567 449 35 Security Security NNP www-sonatype-com-3567 449 36 Centre Centre NNP www-sonatype-com-3567 449 37 ( ( -LRB- www-sonatype-com-3567 449 38 ACSC ACSC NNP www-sonatype-com-3567 449 39 ) ) -RRB- www-sonatype-com-3567 449 40 has have VBZ www-sonatype-com-3567 449 41 developed develop VBN www-sonatype-com-3567 449 42 prioritised prioritise VBN www-sonatype-com-3567 449 43 mitigation mitigation NN www-sonatype-com-3567 449 44 strat- strat- NN www-sonatype-com-3567 449 45 egies egie NNS www-sonatype-com-3567 449 46 to to TO www-sonatype-com-3567 449 47 help help VB www-sonatype-com-3567 449 48 organizations organization NNS www-sonatype-com-3567 449 49 mitigate mitigate VB www-sonatype-com-3567 449 50 cyber cyber NNP www-sonatype-com-3567 449 51 security security NN www-sonatype-com-3567 449 52 incidents incident NNS www-sonatype-com-3567 449 53 caused cause VBN www-sonatype-com-3567 449 54 by by IN www-sonatype-com-3567 449 55 various various JJ www-sonatype-com-3567 449 56 threats threat NNS www-sonatype-com-3567 449 57 ( ( -LRB- www-sonatype-com-3567 449 58 SEE see UH www-sonatype-com-3567 449 59 FIGURE FIGURE NNP www-sonatype-com-3567 449 60 6A 6a NN www-sonatype-com-3567 449 61 ) ) -RRB- www-sonatype-com-3567 449 62 . . . 
www-sonatype-com-3567 450 1 The the DT www-sonatype-com-3567 450 2 Centre Centre NNP www-sonatype-com-3567 450 3 defined define VBD www-sonatype-com-3567 450 4 mitigation mitigation NN www-sonatype-com-3567 450 5 strategies strategy NNS www-sonatype-com-3567 450 6 that that WDT www-sonatype-com-3567 450 7 could could MD www-sonatype-com-3567 450 8 be be VB www-sonatype-com-3567 450 9 applied apply VBN www-sonatype-com-3567 450 10 along along IN www-sonatype-com-3567 450 11 three three CD www-sonatype-com-3567 450 12 maturity maturity NN www-sonatype-com-3567 450 13 levels level NNS www-sonatype-com-3567 450 14 . . . www-sonatype-com-3567 451 1 For for IN www-sonatype-com-3567 451 2 updating update VBG www-sonatype-com-3567 451 3 third third JJ www-sonatype-com-3567 451 4 party party NN www-sonatype-com-3567 451 5 libraries library NNS www-sonatype-com-3567 451 6 and and CC www-sonatype-com-3567 451 7 patching patching NN www-sonatype-com-3567 451 8 applications application NNS www-sonatype-com-3567 451 9 , , , www-sonatype-com-3567 451 10 the the DT www-sonatype-com-3567 451 11 guidance guidance NN www-sonatype-com-3567 451 12 recommended recommend VBD www-sonatype-com-3567 451 13 mitigating mitigating JJ www-sonatype-com-3567 451 14 actions action NNS www-sonatype-com-3567 451 15 within within IN www-sonatype-com-3567 451 16 a a DT www-sonatype-com-3567 451 17 month month NN www-sonatype-com-3567 451 18 at at IN www-sonatype-com-3567 451 19 the the DT www-sonatype-com-3567 451 20 lowest low JJS www-sonatype-com-3567 451 21 maturity maturity NN www-sonatype-com-3567 451 22 level level NN www-sonatype-com-3567 451 23 and and CC www-sonatype-com-3567 451 24 within within IN www-sonatype-com-3567 451 25 48 48 CD www-sonatype-com-3567 451 26 hours hour NNS www-sonatype-com-3567 451 27 at at IN www-sonatype-com-3567 451 28 the the DT www-sonatype-com-3567 451 29 highest high JJS www-sonatype-com-3567 451 30 maturity maturity NN www-sonatype-com-3567 451 31 level level 
NN www-sonatype-com-3567 451 32 , , , www-sonatype-com-3567 451 33 while while IN www-sonatype-com-3567 451 34 also also RB www-sonatype-com-3567 451 35 recommending recommend VBG www-sonatype-com-3567 451 36 automated automate VBN www-sonatype-com-3567 451 37 tooling tooling NN www-sonatype-com-3567 451 38 to to TO www-sonatype-com-3567 451 39 track track VB www-sonatype-com-3567 451 40 where where WRB www-sonatype-com-3567 451 41 and and CC www-sonatype-com-3567 451 42 when when WRB www-sonatype-com-3567 451 43 cybersecurity cybersecurity NN www-sonatype-com-3567 451 44 updates update NNS www-sonatype-com-3567 451 45 had have VBD www-sonatype-com-3567 451 46 been be VBN www-sonatype-com-3567 451 47 performed.49 performed.49 NNP www-sonatype-com-3567 451 48 ■ ■ NFP www-sonatype-com-3567 451 49 Summary Summary NNP www-sonatype-com-3567 451 50 We -PRON- PRP www-sonatype-com-3567 451 51 ’ve have VB www-sonatype-com-3567 451 52 observed observe VBN www-sonatype-com-3567 451 53 double double JJ www-sonatype-com-3567 451 54 and and CC www-sonatype-com-3567 451 55 triple triple JJ www-sonatype-com-3567 451 56 digit digit NN www-sonatype-com-3567 451 57 growth growth NN www-sonatype-com-3567 451 58 in in IN www-sonatype-com-3567 451 59 open open JJ www-sonatype-com-3567 451 60 source source NN www-sonatype-com-3567 451 61 component component NN www-sonatype-com-3567 451 62 ecosystems ecosystem VBZ www-sonatype-com-3567 451 63 for for IN www-sonatype-com-3567 451 64 over over IN www-sonatype-com-3567 451 65 a a DT www-sonatype-com-3567 451 66 decade decade NN www-sonatype-com-3567 451 67 . . . 
www-sonatype-com-3567 452 1 The the DT www-sonatype-com-3567 452 2 industry industry NN www-sonatype-com-3567 452 3 eclipsed eclipse VBD www-sonatype-com-3567 452 4 10 10 CD www-sonatype-com-3567 452 5 billion billion CD www-sonatype-com-3567 452 6 open open JJ www-sonatype-com-3567 452 7 source source NN www-sonatype-com-3567 452 8 component component NN www-sonatype-com-3567 452 9 downloads download NNS www-sonatype-com-3567 452 10 in in IN www-sonatype-com-3567 452 11 2012 2012 CD www-sonatype-com-3567 452 12 and and CC www-sonatype-com-3567 452 13 within within IN www-sonatype-com-3567 452 14 five five CD www-sonatype-com-3567 452 15 years year NNS www-sonatype-com-3567 452 16 witnessed witness VBD www-sonatype-com-3567 452 17 100 100 CD www-sonatype-com-3567 452 18 billion billion CD www-sonatype-com-3567 452 19 download download NN www-sonatype-com-3567 452 20 requests request NNS www-sonatype-com-3567 452 21 . . . www-sonatype-com-3567 453 1 With with IN www-sonatype-com-3567 453 2 no no DT www-sonatype-com-3567 453 3 slowdown slowdown NN www-sonatype-com-3567 453 4 in in IN www-sonatype-com-3567 453 5 sight sight NN www-sonatype-com-3567 453 6 , , , www-sonatype-com-3567 453 7 2020 2020 CD www-sonatype-com-3567 453 8 is be VBZ www-sonatype-com-3567 453 9 on on IN www-sonatype-com-3567 453 10 pace pace NN www-sonatype-com-3567 453 11 to to TO www-sonatype-com-3567 453 12 surpass surpass VB www-sonatype-com-3567 453 13 1.5 1.5 CD www-sonatype-com-3567 453 14 trillion trillion CD www-sonatype-com-3567 453 15 download download NN www-sonatype-com-3567 453 16 requests request NNS www-sonatype-com-3567 453 17 . . . 
www-sonatype-com-3567 454 1 The the DT www-sonatype-com-3567 454 2 purpose purpose NN www-sonatype-com-3567 454 3 of of IN www-sonatype-com-3567 454 4 our -PRON- PRP$ www-sonatype-com-3567 454 5 6th 6th JJ www-sonatype-com-3567 454 6 annual annual JJ www-sonatype-com-3567 454 7 report report NN www-sonatype-com-3567 454 8 was be VBD www-sonatype-com-3567 454 9 to to TO www-sonatype-com-3567 454 10 share share VB www-sonatype-com-3567 454 11 evidence evidence NN www-sonatype-com-3567 454 12 , , , www-sonatype-com-3567 454 13 practices practice NNS www-sonatype-com-3567 454 14 and and CC www-sonatype-com-3567 454 15 outcomes outcome NNS www-sonatype-com-3567 454 16 we -PRON- PRP www-sonatype-com-3567 454 17 observed observe VBD www-sonatype-com-3567 454 18 across across IN www-sonatype-com-3567 454 19 software software NN www-sonatype-com-3567 454 20 supply supply NN www-sonatype-com-3567 454 21 chains chain NNS www-sonatype-com-3567 454 22 — — : www-sonatype-com-3567 454 23 upstream upstream NNP www-sonatype-com-3567 454 24 and and CC www-sonatype-com-3567 454 25 downstream downstream JJ www-sonatype-com-3567 454 26 . . . www-sonatype-com-3567 455 1 Our -PRON- PRP$ www-sonatype-com-3567 455 2 findings finding NNS www-sonatype-com-3567 455 3 are be VBP www-sonatype-com-3567 455 4 clear clear JJ www-sonatype-com-3567 455 5 . . . www-sonatype-com-3567 456 1 Productivity productivity NN www-sonatype-com-3567 456 2 does do VBZ www-sonatype-com-3567 456 3 not not RB www-sonatype-com-3567 456 4 have have VB www-sonatype-com-3567 456 5 to to TO www-sonatype-com-3567 456 6 come come VB www-sonatype-com-3567 456 7 at at IN www-sonatype-com-3567 456 8 the the DT www-sonatype-com-3567 456 9 cost cost NN www-sonatype-com-3567 456 10 of of IN www-sonatype-com-3567 456 11 reduced reduced JJ www-sonatype-com-3567 456 12 security security NN www-sonatype-com-3567 456 13 . . . 
www-sonatype-com-3567 457 1 On on IN www-sonatype-com-3567 457 2 the the DT www-sonatype-com-3567 457 3 supply supply NN www-sonatype-com-3567 457 4 side side NN www-sonatype-com-3567 457 5 , , , www-sonatype-com-3567 457 6 we -PRON- PRP www-sonatype-com-3567 457 7 observed observe VBD www-sonatype-com-3567 457 8 that that IN www-sonatype-com-3567 457 9 Exemplary Exemplary NNP www-sonatype-com-3567 457 10 open open JJ www-sonatype-com-3567 457 11 source source NN www-sonatype-com-3567 457 12 projects project NNS www-sonatype-com-3567 457 13 benefit benefit VBP www-sonatype-com-3567 457 14 tremendously tremendously RB www-sonatype-com-3567 457 15 from from IN www-sonatype-com-3567 457 16 more more JJR www-sonatype-com-3567 457 17 frequent frequent JJ www-sonatype-com-3567 457 18 code code NN www-sonatype-com-3567 457 19 commits commit NNS www-sonatype-com-3567 457 20 , , , www-sonatype-com-3567 457 21 dependency dependency NN www-sonatype-com-3567 457 22 updates update NNS www-sonatype-com-3567 457 23 and and CC www-sonatype-com-3567 457 24 releases release NNS www-sonatype-com-3567 457 25 . . . www-sonatype-com-3567 458 1 The the DT www-sonatype-com-3567 458 2 more more RBR www-sonatype-com-3567 458 3 frequent frequent JJ www-sonatype-com-3567 458 4 the the DT www-sonatype-com-3567 458 5 updates update NNS www-sonatype-com-3567 458 6 , , , www-sonatype-com-3567 458 7 the the DT www-sonatype-com-3567 458 8 generally generally RB www-sonatype-com-3567 458 9 more more RBR www-sonatype-com-3567 458 10 secure secure JJ www-sonatype-com-3567 458 11 the the DT www-sonatype-com-3567 458 12 OSS OSS NNP www-sonatype-com-3567 458 13 project project NN www-sonatype-com-3567 458 14 . . . 
www-sonatype-com-3567 459 1 On on IN www-sonatype-com-3567 459 2 the the DT www-sonatype-com-3567 459 3 demand demand NN www-sonatype-com-3567 459 4 side side NN www-sonatype-com-3567 459 5 , , , www-sonatype-com-3567 459 6 we -PRON- PRP www-sonatype-com-3567 459 7 discovered discover VBD www-sonatype-com-3567 459 8 a a DT www-sonatype-com-3567 459 9 range range NN www-sonatype-com-3567 459 10 of of IN www-sonatype-com-3567 459 11 enterprise enterprise NN www-sonatype-com-3567 459 12 practices practice NNS www-sonatype-com-3567 459 13 that that WDT www-sonatype-com-3567 459 14 influenced influence VBD www-sonatype-com-3567 459 15 successful successful JJ www-sonatype-com-3567 459 16 software software NN www-sonatype-com-3567 459 17 supply supply NN www-sonatype-com-3567 459 18 chain chain NN www-sonatype-com-3567 459 19 outcomes outcome NNS www-sonatype-com-3567 459 20 . . . www-sonatype-com-3567 460 1 High high JJ www-sonatype-com-3567 460 2 Performers Performers NNPS www-sonatype-com-3567 460 3 deployed deploy VBD www-sonatype-com-3567 460 4 more more RBR www-sonatype-com-3567 460 5 frequently frequently RB www-sonatype-com-3567 460 6 , , , www-sonatype-com-3567 460 7 detected detect VBN www-sonatype-com-3567 460 8 and and CC www-sonatype-com-3567 460 9 remedi- remedi- NNP www-sonatype-com-3567 460 10 ated ate VBD www-sonatype-com-3567 460 11 vulnerable vulnerable JJ www-sonatype-com-3567 460 12 OSS oss NN www-sonatype-com-3567 460 13 components component NNS www-sonatype-com-3567 460 14 more more RBR www-sonatype-com-3567 460 15 quickly quickly RB www-sonatype-com-3567 460 16 , , , www-sonatype-com-3567 460 17 and and CC www-sonatype-com-3567 460 18 approved approve VBD www-sonatype-com-3567 460 19 new new JJ www-sonatype-com-3567 460 20 OSS OSS NNP www-sonatype-com-3567 460 21 components component NNS www-sonatype-com-3567 460 22 efficiently efficiently RB www-sonatype-com-3567 460 23 . . . 
www-sonatype-com-3567 461 1 The the DT www-sonatype-com-3567 461 2 High High NNP www-sonatype-com-3567 461 3 Performers Performers NNPS www-sonatype-com-3567 461 4 also also RB www-sonatype-com-3567 461 5 onboarded onboarde VBD www-sonatype-com-3567 461 6 developers developer NNS www-sonatype-com-3567 461 7 onto onto IN www-sonatype-com-3567 461 8 new new JJ www-sonatype-com-3567 461 9 teams team NNS www-sonatype-com-3567 461 10 faster fast RBR www-sonatype-com-3567 461 11 and and CC www-sonatype-com-3567 461 12 their -PRON- PRP$ www-sonatype-com-3567 461 13 employees employee NNS www-sonatype-com-3567 461 14 demon- demon- NNP www-sonatype-com-3567 461 15 strated strate VBD www-sonatype-com-3567 461 16 high high JJ www-sonatype-com-3567 461 17 levels level NNS www-sonatype-com-3567 461 18 of of IN www-sonatype-com-3567 461 19 satisfaction satisfaction NN www-sonatype-com-3567 461 20 on on IN www-sonatype-com-3567 461 21 the the DT www-sonatype-com-3567 461 22 job job NN www-sonatype-com-3567 461 23 . . . 
www-sonatype-com-3567 462 1 Our -PRON- PRP$ www-sonatype-com-3567 462 2 deep deep JJ www-sonatype-com-3567 462 3 examination examination NN www-sonatype-com-3567 462 4 of of IN www-sonatype-com-3567 462 5 consumption consumption NN www-sonatype-com-3567 462 6 patterns pattern NNS www-sonatype-com-3567 462 7 , , , www-sonatype-com-3567 462 8 development development NN www-sonatype-com-3567 462 9 practices practice NNS www-sonatype-com-3567 462 10 , , , www-sonatype-com-3567 462 11 and and CC www-sonatype-com-3567 462 12 cybersecurity cybersecurity NN www-sonatype-com-3567 462 13 hygiene hygiene NN www-sonatype-com-3567 462 14 revealed reveal VBD www-sonatype-com-3567 462 15 : : : www-sonatype-com-3567 462 16 ⊲ ⊲ CD www-sonatype-com-3567 462 17 929 929 CD www-sonatype-com-3567 462 18 next next JJ www-sonatype-com-3567 462 19 - - HYPH www-sonatype-com-3567 462 20 generation generation NN www-sonatype-com-3567 462 21 cyber cyber JJ www-sonatype-com-3567 462 22 attacks attack NNS www-sonatype-com-3567 462 23 actively actively RB www-sonatype-com-3567 462 24 target- target- VBP www-sonatype-com-3567 462 25 ing ing JJ www-sonatype-com-3567 462 26 OSS oss NN www-sonatype-com-3567 462 27 projects project NNS www-sonatype-com-3567 462 28 over over IN www-sonatype-com-3567 462 29 the the DT www-sonatype-com-3567 462 30 past past JJ www-sonatype-com-3567 462 31 year year NN www-sonatype-com-3567 462 32 ( ( -LRB- www-sonatype-com-3567 462 33 Chapter chapter NN www-sonatype-com-3567 462 34 1 1 CD www-sonatype-com-3567 462 35 ) ) -RRB- www-sonatype-com-3567 462 36 ⊲ ⊲ NFP www-sonatype-com-3567 462 37 608x 608x NNS www-sonatype-com-3567 462 38 faster fast RBR www-sonatype-com-3567 462 39 median median JJ www-sonatype-com-3567 462 40 time time NN www-sonatype-com-3567 462 41 to to TO www-sonatype-com-3567 462 42 update update VB www-sonatype-com-3567 462 43 dependencies dependency NNS www-sonatype-com-3567 462 44 and and CC www-sonatype-com-3567 462 45 2.9x 2.9x CD 
www-sonatype-com-3567 462 46 more more JJR www-sonatype-com-3567 462 47 frequent frequent JJ www-sonatype-com-3567 462 48 releases release NNS www-sonatype-com-3567 462 49 for for IN www-sonatype-com-3567 462 50 large large JJ www-sonatype-com-3567 462 51 exem- exem- NN www-sonatype-com-3567 462 52 plary plary JJ www-sonatype-com-3567 462 53 OSS oss NN www-sonatype-com-3567 462 54 projects project NNS www-sonatype-com-3567 462 55 compared compare VBN www-sonatype-com-3567 462 56 to to IN www-sonatype-com-3567 462 57 non non JJ www-sonatype-com-3567 462 58 - - JJ www-sonatype-com-3567 462 59 exemplar exemplar JJ www-sonatype-com-3567 462 60 clusters cluster NNS www-sonatype-com-3567 462 61 ( ( -LRB- www-sonatype-com-3567 462 62 Chapter chapter NN www-sonatype-com-3567 462 63 3 3 CD www-sonatype-com-3567 462 64 ) ) -RRB- www-sonatype-com-3567 462 65 ⊲ ⊲ CD www-sonatype-com-3567 462 66 26x 26x NNS www-sonatype-com-3567 462 67 detection detection NN www-sonatype-com-3567 462 68 and and CC www-sonatype-com-3567 462 69 remediation remediation NN www-sonatype-com-3567 462 70 of of IN www-sonatype-com-3567 462 71 open open JJ www-sonatype-com-3567 462 72 source source NN www-sonatype-com-3567 462 73 vulnerabilities vulnerability NNS www-sonatype-com-3567 462 74 by by IN www-sonatype-com-3567 462 75 high high JJ www-sonatype-com-3567 462 76 performance performance NN www-sonatype-com-3567 462 77 teams team NNS www-sonatype-com-3567 462 78 ( ( -LRB- www-sonatype-com-3567 462 79 Chapter chapter NN www-sonatype-com-3567 462 80 4 4 CD www-sonatype-com-3567 462 81 ) ) -RRB- www-sonatype-com-3567 462 82 ⊲ ⊲ CD www-sonatype-com-3567 462 83 11 11 CD www-sonatype-com-3567 462 84 % % NN www-sonatype-com-3567 462 85 of of IN www-sonatype-com-3567 462 86 OSS OSS NNP www-sonatype-com-3567 462 87 components component NNS www-sonatype-com-3567 462 88 used use VBN www-sonatype-com-3567 462 89 in in IN www-sonatype-com-3567 462 90 applications application NNS www-sonatype-com-3567 462 91 
had have VBD www-sonatype-com-3567 462 92 at at RB www-sonatype-com-3567 462 93 least least RBS www-sonatype-com-3567 462 94 one one CD www-sonatype-com-3567 462 95 known know VBN www-sonatype-com-3567 462 96 security security NN www-sonatype-com-3567 462 97 vulnerability vulnerability NN www-sonatype-com-3567 462 98 ( ( -LRB- www-sonatype-com-3567 462 99 Chapter chapter NN www-sonatype-com-3567 462 100 5 5 CD www-sonatype-com-3567 462 101 ) ) -RRB- www-sonatype-com-3567 462 102 ⊲ ⊲ CD www-sonatype-com-3567 462 103 21 21 CD www-sonatype-com-3567 462 104 % % NN www-sonatype-com-3567 462 105 of of IN www-sonatype-com-3567 462 106 development development NN www-sonatype-com-3567 462 107 teams team NNS www-sonatype-com-3567 462 108 experienced experience VBD www-sonatype-com-3567 462 109 an an DT www-sonatype-com-3567 462 110 open open JJ www-sonatype-com-3567 462 111 source source NN www-sonatype-com-3567 462 112 related relate VBN www-sonatype-com-3567 462 113 breach breach NN www-sonatype-com-3567 462 114 in in IN www-sonatype-com-3567 462 115 the the DT www-sonatype-com-3567 462 116 past past JJ www-sonatype-com-3567 462 117 12 12 CD www-sonatype-com-3567 462 118 months month NNS www-sonatype-com-3567 462 119 ( ( -LRB- www-sonatype-com-3567 462 120 Chapter chapter NN www-sonatype-com-3567 462 121 5 5 CD www-sonatype-com-3567 462 122 ) ) -RRB- www-sonatype-com-3567 462 123 It -PRON- PRP www-sonatype-com-3567 462 124 is be VBZ www-sonatype-com-3567 462 125 encouraging encouraging JJ www-sonatype-com-3567 462 126 to to TO www-sonatype-com-3567 462 127 see see VB www-sonatype-com-3567 462 128 exemplary exemplary NNP www-sonatype-com-3567 462 129 OSS oss NN www-sonatype-com-3567 462 130 projects project NNS www-sonatype-com-3567 462 131 and and CC www-sonatype-com-3567 462 132 innovative innovative JJ www-sonatype-com-3567 462 133 enterprise enterprise NN www-sonatype-com-3567 462 134 development development NN www-sonatype-com-3567 462 135 teams team NNS 
www-sonatype-com-3567 462 136 are be VBP www-sonatype-com-3567 462 137 delivering deliver VBG www-sonatype-com-3567 462 138 high high JJ www-sonatype-com-3567 462 139 quality quality NN www-sonatype-com-3567 462 140 , , , www-sonatype-com-3567 462 141 security security NN www-sonatype-com-3567 462 142 software software NN www-sonatype-com-3567 462 143 at at IN www-sonatype-com-3567 462 144 a a DT www-sonatype-com-3567 462 145 rapid rapid JJ www-sonatype-com-3567 462 146 pace pace NN www-sonatype-com-3567 462 147 . . . www-sonatype-com-3567 463 1 Their -PRON- PRP$ www-sonatype-com-3567 463 2 dedication dedication NN www-sonatype-com-3567 463 3 and and CC www-sonatype-com-3567 463 4 results result NNS www-sonatype-com-3567 463 5 are be VBP www-sonatype-com-3567 463 6 not not RB www-sonatype-com-3567 463 7 rare rare JJ www-sonatype-com-3567 463 8 and and CC www-sonatype-com-3567 463 9 their -PRON- PRP$ www-sonatype-com-3567 463 10 performance performance NN www-sonatype-com-3567 463 11 serves serve VBZ www-sonatype-com-3567 463 12 as as IN www-sonatype-com-3567 463 13 a a DT www-sonatype-com-3567 463 14 benchmark benchmark NN www-sonatype-com-3567 463 15 for for IN www-sonatype-com-3567 463 16 others other NNS www-sonatype-com-3567 463 17 to to TO www-sonatype-com-3567 463 18 strive strive VB www-sonatype-com-3567 463 19 for for IN www-sonatype-com-3567 463 20 and and CC www-sonatype-com-3567 463 21 achieve achieve VB www-sonatype-com-3567 463 22 . . . www-sonatype-com-3567 464 1 Thank thank VBP www-sonatype-com-3567 464 2 you -PRON- PRP www-sonatype-com-3567 464 3 for for IN www-sonatype-com-3567 464 4 reading read VBG www-sonatype-com-3567 464 5 this this DT www-sonatype-com-3567 464 6 year year NN www-sonatype-com-3567 464 7 ’s ’s POS www-sonatype-com-3567 464 8 report report NN www-sonatype-com-3567 464 9 . . . 
www-sonatype-com-3567 465 1 Please please UH www-sonatype-com-3567 465 2 share share VB www-sonatype-com-3567 465 3 it -PRON- PRP www-sonatype-com-3567 465 4 with with IN www-sonatype-com-3567 465 5 others other NNS www-sonatype-com-3567 465 6 who who WP www-sonatype-com-3567 465 7 you -PRON- PRP www-sonatype-com-3567 465 8 feel feel VBP www-sonatype-com-3567 465 9 might may MD www-sonatype-com-3567 465 10 benefit benefit VB www-sonatype-com-3567 465 11 from from IN www-sonatype-com-3567 465 12 its -PRON- PRP$ www-sonatype-com-3567 465 13 data datum NNS www-sonatype-com-3567 465 14 , , , www-sonatype-com-3567 465 15 perspectives perspective NNS www-sonatype-com-3567 465 16 , , , www-sonatype-com-3567 465 17 and and CC www-sonatype-com-3567 465 18 insight insight NN www-sonatype-com-3567 465 19 . . . www-sonatype-com-3567 466 1 We -PRON- PRP www-sonatype-com-3567 466 2 welcome welcome VBP www-sonatype-com-3567 466 3 any any DT www-sonatype-com-3567 466 4 feedback feedback NN www-sonatype-com-3567 466 5 that that WDT www-sonatype-com-3567 466 6 would would MD www-sonatype-com-3567 466 7 help help VB www-sonatype-com-3567 466 8 us -PRON- PRP www-sonatype-com-3567 466 9 improve improve VB www-sonatype-com-3567 466 10 our -PRON- PRP$ www-sonatype-com-3567 466 11 future future JJ www-sonatype-com-3567 466 12 reports report NNS www-sonatype-com-3567 466 13 . . . 
www-sonatype-com-3567 467 1 402020 402020 CD www-sonatype-com-3567 467 2 STATE STATE NNP www-sonatype-com-3567 467 3 OF of IN www-sonatype-com-3567 467 4 THE the DT www-sonatype-com-3567 467 5 SOFTWARE software NN www-sonatype-com-3567 467 6 SUPPLY supply NN www-sonatype-com-3567 467 7 CHAIN CHAIN NNP www-sonatype-com-3567 467 8 REPORT REPORT NNP www-sonatype-com-3567 467 9 Sources source NNS www-sonatype-com-3567 467 10 1 1 CD www-sonatype-com-3567 467 11 https://blog.sonatype.com/open- https://blog.sonatype.com/open- NNP www-sonatype-com-3567 467 12 source source NN www-sonatype-com-3567 467 13 - - HYPH www-sonatype-com-3567 467 14 software software NN www-sonatype-com-3567 467 15 - - HYPH www-sonatype-com-3567 467 16 is be VBZ www-sonatype-com-3567 467 17 - - HYPH www-sonatype-com-3567 467 18 under under IN www-sonatype-com-3567 467 19 - - HYPH www-sonatype-com-3567 467 20 attack- attack- NN www-sonatype-com-3567 467 21 new new JJ www-sonatype-com-3567 467 22 - - HYPH www-sonatype-com-3567 467 23 event event NN www-sonatype-com-3567 467 24 - - HYPH www-sonatype-com-3567 467 25 stream stream NN www-sonatype-com-3567 467 26 - - HYPH www-sonatype-com-3567 467 27 hack hack NN www-sonatype-com-3567 467 28 - - HYPH www-sonatype-com-3567 467 29 is be VBZ www-sonatype-com-3567 467 30 - - HYPH www-sonatype-com-3567 467 31 latest- latest- FW www-sonatype-com-3567 467 32 proof proof NNP www-sonatype-com-3567 467 33 2 2 CD www-sonatype-com-3567 467 34 https://blog.sonatype.com/ https://blog.sonatype.com/ ADD www-sonatype-com-3567 467 35 octopus octopus NN www-sonatype-com-3567 467 36 - - HYPH www-sonatype-com-3567 467 37 scanner scanner NN www-sonatype-com-3567 467 38 - - HYPH www-sonatype-com-3567 467 39 compromises-26- compromises-26- CD www-sonatype-com-3567 467 40 oss oss NN www-sonatype-com-3567 467 41 - - HYPH www-sonatype-com-3567 467 42 projects project NNS www-sonatype-com-3567 467 43 - - HYPH www-sonatype-com-3567 467 44 on on IN www-sonatype-com-3567 467 45 - - 
HYPH www-sonatype-com-3567 467 46 github github NNS www-sonatype-com-3567 467 47 3 3 CD www-sonatype-com-3567 467 48 https://arxiv.org/pdf/2005.09535 https://arxiv.org/pdf/2005.09535 NNP www-sonatype-com-3567 467 49 . . . www-sonatype-com-3567 468 1 pdf pdf NNP www-sonatype-com-3567 468 2 4 4 CD www-sonatype-com-3567 468 3 https://www.usenix.org/system/ https://www.usenix.org/system/ NNP www-sonatype-com-3567 468 4 files file NNS www-sonatype-com-3567 468 5 / / SYM www-sonatype-com-3567 468 6 sec19-zimmermann.pdf sec19-zimmermann.pdf $ www-sonatype-com-3567 468 7 5 5 CD www-sonatype-com-3567 468 8 https://www.usenix.org/system/ https://www.usenix.org/system/ NNP www-sonatype-com-3567 468 9 files file NNS www-sonatype-com-3567 468 10 / / SYM www-sonatype-com-3567 468 11 sec19-zimmermann.pdf sec19-zimmermann.pdf $ www-sonatype-com-3567 468 12 6 6 CD www-sonatype-com-3567 468 13 https://www.zdnet.com/article/ https://www.zdnet.com/article/ CD www-sonatype-com-3567 468 14 the the DT www-sonatype-com-3567 468 15 - - HYPH www-sonatype-com-3567 468 16 linux linux JJ www-sonatype-com-3567 468 17 - - HYPH www-sonatype-com-3567 468 18 foundation foundation NN www-sonatype-com-3567 468 19 - - HYPH www-sonatype-com-3567 468 20 identifies- identifies- NN www-sonatype-com-3567 468 21 the the DT www-sonatype-com-3567 468 22 - - HYPH www-sonatype-com-3567 468 23 most most RBS www-sonatype-com-3567 468 24 - - HYPH www-sonatype-com-3567 468 25 important important JJ www-sonatype-com-3567 468 26 - - HYPH www-sonatype-com-3567 468 27 open open JJ www-sonatype-com-3567 468 28 - - HYPH www-sonatype-com-3567 468 29 source- source- JJ www-sonatype-com-3567 468 30 software software NN www-sonatype-com-3567 468 31 - - HYPH www-sonatype-com-3567 468 32 components component NNS www-sonatype-com-3567 468 33 - - HYPH www-sonatype-com-3567 468 34 and and CC www-sonatype-com-3567 468 35 - - HYPH www-sonatype-com-3567 468 36 their- their- NNS www-sonatype-com-3567 468 37 problems problem NNS 
www-sonatype-com-3567 468 38 7 7 CD www-sonatype-com-3567 468 39 https://medium.com/@bertusk/ https://medium.com/@bertusk/ CD www-sonatype-com-3567 468 40 discord discord NN www-sonatype-com-3567 468 41 - - HYPH www-sonatype-com-3567 468 42 token token JJ www-sonatype-com-3567 468 43 - - HYPH www-sonatype-com-3567 468 44 stealer stealer NN www-sonatype-com-3567 468 45 - - HYPH www-sonatype-com-3567 468 46 discovered- discovered- NN www-sonatype-com-3567 468 47 in in IN www-sonatype-com-3567 468 48 - - HYPH www-sonatype-com-3567 468 49 pypi pypi NN www-sonatype-com-3567 468 50 - - HYPH www-sonatype-com-3567 468 51 repository repository NN www-sonatype-com-3567 468 52 - - HYPH www-sonatype-com-3567 468 53 e65ed9c3de06 e65ed9c3de06 ADD www-sonatype-com-3567 468 54 8 8 CD www-sonatype-com-3567 468 55 https://github.com/dasfreak/ https://github.com/dasfreak/ NNP www-sonatype-com-3567 468 56 Backstabbers Backstabbers NNPS www-sonatype-com-3567 468 57 - - HYPH www-sonatype-com-3567 468 58 Knife Knife NNP www-sonatype-com-3567 468 59 - - HYPH www-sonatype-com-3567 468 60 Collection Collection NNP www-sonatype-com-3567 468 61 9 9 CD www-sonatype-com-3567 468 62 https://www.cvedetails.com/cve/ https://www.cvedetails.com/cve/ NNP www-sonatype-com-3567 468 63 CVE-2019 CVE-2019 NNP www-sonatype-com-3567 468 64 - - HYPH www-sonatype-com-3567 468 65 14282 14282 CD www-sonatype-com-3567 468 66 10 10 CD www-sonatype-com-3567 468 67 http://dgb.github.io/2019/04/05/ http://dgb.github.io/2019/04/05/ NNP www-sonatype-com-3567 468 68 bootstrap-sass-backdoor.html bootstrap-sass-backdoor.html CD www-sonatype-com-3567 468 69 11 11 CD www-sonatype-com-3567 468 70 https://github.com/rubygems/ https://github.com/rubygems/ NN www-sonatype-com-3567 468 71 rubygems.org/issues/2034 rubygems.org/issues/2034 CD www-sonatype-com-3567 468 72 12 12 CD www-sonatype-com-3567 468 73 https://github.com/rubygems/ https://github.com/rubygems/ NN www-sonatype-com-3567 468 74 rubygems.org/wiki/Gems-yanked- 
rubygems.org/wiki/Gems-yanked- NNP www-sonatype-com-3567 468 75 and and CC www-sonatype-com-3567 468 76 - - HYPH www-sonatype-com-3567 468 77 accounts account NNS www-sonatype-com-3567 468 78 - - , www-sonatype-com-3567 468 79 locked#19-aug-2019 locked#19-aug-2019 CC www-sonatype-com-3567 468 80 13 13 CD www-sonatype-com-3567 468 81 http://arstechnica.com/ http://arstechnica.com/ CD www-sonatype-com-3567 468 82 information information NN www-sonatype-com-3567 468 83 - - : www-sonatype-com-3567 468 84 technology/2019/08/ technology/2019/08/ NNP www-sonatype-com-3567 468 85 the the DT www-sonatype-com-3567 468 86 - - HYPH www-sonatype-com-3567 468 87 year year NN www-sonatype-com-3567 468 88 - - HYPH www-sonatype-com-3567 468 89 long long JJ www-sonatype-com-3567 468 90 - - HYPH www-sonatype-com-3567 468 91 rash rash NN www-sonatype-com-3567 468 92 - - HYPH www-sonatype-com-3567 468 93 of of IN www-sonatype-com-3567 468 94 - - HYPH www-sonatype-com-3567 468 95 supply supply NN www-sonatype-com-3567 468 96 - - HYPH www-sonatype-com-3567 468 97 chain- chain- NN www-sonatype-com-3567 468 98 attacks attack NNS www-sonatype-com-3567 468 99 - - , www-sonatype-com-3567 468 100 against against IN www-sonatype-com-3567 468 101 - - HYPH www-sonatype-com-3567 468 102 open open JJ www-sonatype-com-3567 468 103 - - HYPH www-sonatype-com-3567 468 104 source source NN www-sonatype-com-3567 468 105 - - HYPH www-sonatype-com-3567 468 106 is- is- NN www-sonatype-com-3567 468 107 getting getting NN www-sonatype-com-3567 468 108 - - HYPH www-sonatype-com-3567 468 109 worse bad JJR www-sonatype-com-3567 468 110 14 14 CD www-sonatype-com-3567 468 111 https://www.npmjs.com/ https://www.npmjs.com/ NN www-sonatype-com-3567 468 112 advisories/1119 advisories/1119 CD www-sonatype-com-3567 468 113 15 15 CD www-sonatype-com-3567 468 114 https://www.npmjs.com/ https://www.npmjs.com/ NN www-sonatype-com-3567 468 115 advisories/1308 advisories/1308 CD www-sonatype-com-3567 468 116 16 16 CD 
www-sonatype-com-3567 468 117 https://www.zdnet.com/article/ https://www.zdnet.com/article/ NNP www-sonatype-com-3567 468 118 two two CD www-sonatype-com-3567 468 119 - - HYPH www-sonatype-com-3567 468 120 malicious malicious JJ www-sonatype-com-3567 468 121 - - HYPH www-sonatype-com-3567 468 122 python python NN www-sonatype-com-3567 468 123 - - HYPH www-sonatype-com-3567 468 124 libraries- libraries- NN www-sonatype-com-3567 468 125 removed remove VBN www-sonatype-com-3567 468 126 - - HYPH www-sonatype-com-3567 468 127 from from IN www-sonatype-com-3567 468 128 - - HYPH www-sonatype-com-3567 468 129 pypi pypi NN www-sonatype-com-3567 468 130 17 17 CD www-sonatype-com-3567 468 131 https://gist.github.com/colby-sw https://gist.github.com/colby-sw NNS www-sonatype-com-3567 468 132 andale/11dadff435b02f887fc68178 andale/11dadff435b02f887fc68178 CD www-sonatype-com-3567 468 133 cd4fb0dc cd4fb0dc RB www-sonatype-com-3567 468 134 18 18 CD www-sonatype-com-3567 468 135 https://www.theregister https://www.theregister NN www-sonatype-com-3567 468 136 . . . 
www-sonatype-com-3567 469 1 com/2020/04/21 com/2020/04/21 NNS www-sonatype-com-3567 469 2 / / SYM www-sonatype-com-3567 469 3 rubygems rubygems NNPS www-sonatype-com-3567 469 4 _ _ NNP www-sonatype-com-3567 469 5 bitcoin_malware bitcoin_malware NNP www-sonatype-com-3567 469 6 19 19 CD www-sonatype-com-3567 469 7 https://blog.sonatype.com/ https://blog.sonatype.com/ CD www-sonatype-com-3567 469 8 saltstack-20-breaches saltstack-20-breaches UH www-sonatype-com-3567 469 9 - - HYPH www-sonatype-com-3567 469 10 within within IN www-sonatype-com-3567 469 11 - - HYPH www-sonatype-com-3567 469 12 four- four- NN www-sonatype-com-3567 469 13 days day NNS www-sonatype-com-3567 469 14 20 20 CD www-sonatype-com-3567 469 15 https://www.npmjs.com/ https://www.npmjs.com/ VBD www-sonatype-com-3567 469 16 21 21 CD www-sonatype-com-3567 469 17 https://www.daxx.com/blog/ https://www.daxx.com/blog/ NNP www-sonatype-com-3567 469 18 development development NN www-sonatype-com-3567 469 19 - - HYPH www-sonatype-com-3567 469 20 trends trend NNS www-sonatype-com-3567 469 21 / / SYM www-sonatype-com-3567 469 22 number- number- JJ www-sonatype-com-3567 469 23 software software NN www-sonatype-com-3567 469 24 - - HYPH www-sonatype-com-3567 469 25 developers developer NNS www-sonatype-com-3567 469 26 - - HYPH www-sonatype-com-3567 469 27 world world NN www-sonatype-com-3567 469 28 22 22 CD www-sonatype-com-3567 469 29 https://www.zdnet.com/article/ https://www.zdnet.com/article/ JJ www-sonatype-com-3567 469 30 programming programming NN www-sonatype-com-3567 469 31 - - HYPH www-sonatype-com-3567 469 32 languages language NNS www-sonatype-com-3567 469 33 - - HYPH www-sonatype-com-3567 469 34 python- python- NN www-sonatype-com-3567 469 35 developers developer NNS www-sonatype-com-3567 469 36 - - HYPH www-sonatype-com-3567 469 37 now now RB www-sonatype-com-3567 469 38 - - HYPH www-sonatype-com-3567 469 39 outnumber outnumber NN www-sonatype-com-3567 469 40 - - HYPH www-sonatype-com-3567 469 41 
java- java- NN www-sonatype-com-3567 469 42 ones one NNS www-sonatype-com-3567 469 43 23 23 CD www-sonatype-com-3567 469 44 https://www.nuget.org https://www.nuget.org ADD www-sonatype-com-3567 469 45 24 24 CD www-sonatype-com-3567 469 46 https://www.nuget.org https://www.nuget.org ADD www-sonatype-com-3567 469 47 25 25 CD www-sonatype-com-3567 469 48 https://www.docker.com/blog/ https://www.docker.com/blog/ NNS www-sonatype-com-3567 469 49 introducing introduce VBG www-sonatype-com-3567 469 50 - - HYPH www-sonatype-com-3567 469 51 the the DT www-sonatype-com-3567 469 52 - - HYPH www-sonatype-com-3567 469 53 docker docker NN www-sonatype-com-3567 469 54 - - HYPH www-sonatype-com-3567 469 55 index index NN www-sonatype-com-3567 469 56 26 26 CD www-sonatype-com-3567 469 57 https://devclass.com/2020/ https://devclass.com/2020/ CD www-sonatype-com-3567 469 58 02/05 02/05 CD www-sonatype-com-3567 469 59 / / SYM www-sonatype-com-3567 469 60 docker docker NN www-sonatype-com-3567 469 61 - - HYPH www-sonatype-com-3567 469 62 knits knit NNS www-sonatype-com-3567 469 63 - - HYPH www-sonatype-com-3567 469 64 together together RB www-sonatype-com-3567 469 65 - - HYPH www-sonatype-com-3567 469 66 hub- hub- NN www-sonatype-com-3567 469 67 stats stat NNS www-sonatype-com-3567 469 68 - - HYPH www-sonatype-com-3567 469 69 says say VBZ www-sonatype-com-3567 469 70 - - HYPH www-sonatype-com-3567 469 71 pulls pull NNS www-sonatype-com-3567 469 72 - - : www-sonatype-com-3567 469 73 over-8-billion/ over-8-billion/ CC www-sonatype-com-3567 469 74 27 27 CD www-sonatype-com-3567 469 75 Exploratory exploratory NN www-sonatype-com-3567 469 76 clustering clustering NN www-sonatype-com-3567 469 77 was be VBD www-sonatype-com-3567 469 78 initially initially RB www-sonatype-com-3567 469 79 done do VBN www-sonatype-com-3567 469 80 with with IN www-sonatype-com-3567 469 81 the the DT www-sonatype-com-3567 469 82 SPSS SPSS NNP www-sonatype-com-3567 469 83 two- two- NN www-sonatype-com-3567 469 84 
step step NN www-sonatype-com-3567 469 85 clustering cluster VBG www-sonatype-com-3567 469 86 method method NN www-sonatype-com-3567 469 87 , , , www-sonatype-com-3567 469 88 and and CC www-sonatype-com-3567 469 89 later later RB www-sonatype-com-3567 469 90 was be VBD www-sonatype-com-3567 469 91 performed perform VBN www-sonatype-com-3567 469 92 with with IN www-sonatype-com-3567 469 93 k k NNP www-sonatype-com-3567 469 94 - - HYPH www-sonatype-com-3567 469 95 means mean NNS www-sonatype-com-3567 469 96 using use VBG www-sonatype-com-3567 469 97 SciKit SciKit NNP www-sonatype-com-3567 469 98 Learn Learn NNP www-sonatype-com-3567 469 99 , , , www-sonatype-com-3567 469 100 starting start VBG www-sonatype-com-3567 469 101 from from IN www-sonatype-com-3567 469 102 random random JJ www-sonatype-com-3567 469 103 cluster cluster NN www-sonatype-com-3567 469 104 centers center NNS www-sonatype-com-3567 469 105 and and CC www-sonatype-com-3567 469 106 taking take VBG www-sonatype-com-3567 469 107 the the DT www-sonatype-com-3567 469 108 best good JJS www-sonatype-com-3567 469 109 of of IN www-sonatype-com-3567 469 110 50 50 CD www-sonatype-com-3567 469 111 runs run NNS www-sonatype-com-3567 469 112 . . . www-sonatype-com-3567 470 1 Highly highly RB www-sonatype-com-3567 470 2 correlated correlate VBN www-sonatype-com-3567 470 3 variables variable NNS www-sonatype-com-3567 470 4 were be VBD www-sonatype-com-3567 470 5 first first RB www-sonatype-com-3567 470 6 converted convert VBN www-sonatype-com-3567 470 7 to to IN www-sonatype-com-3567 470 8 single single JJ www-sonatype-com-3567 470 9 dimensions dimension NNS www-sonatype-com-3567 470 10 with with IN www-sonatype-com-3567 470 11 principal principal JJ www-sonatype-com-3567 470 12 components component NNS www-sonatype-com-3567 470 13 analysis analysis NN www-sonatype-com-3567 470 14 . . . 
www-sonatype-com-3567 471 1 28 28 CD www-sonatype-com-3567 471 2 We -PRON- PRP www-sonatype-com-3567 471 3 used use VBD www-sonatype-com-3567 471 4 the the DT www-sonatype-com-3567 471 5 SciKit SciKit NNP www-sonatype-com-3567 471 6 Learn Learn NNP www-sonatype-com-3567 471 7 ( ( -LRB- www-sonatype-com-3567 471 8 version version NN www-sonatype-com-3567 471 9 0.21.1 0.21.1 NFP www-sonatype-com-3567 471 10 ) ) -RRB- www-sonatype-com-3567 471 11 implementation implementation NN www-sonatype-com-3567 471 12 of of IN www-sonatype-com-3567 471 13 elastic elastic JJ www-sonatype-com-3567 471 14 net net JJ www-sonatype-com-3567 471 15 regression regression NN www-sonatype-com-3567 471 16 with with IN www-sonatype-com-3567 471 17 alpha=0.1 alpha=0.1 NNP www-sonatype-com-3567 471 18 and and CC www-sonatype-com-3567 471 19 an an DT www-sonatype-com-3567 471 20 L1 L1 NNP www-sonatype-com-3567 471 21 ratio ratio NN www-sonatype-com-3567 471 22 of of IN www-sonatype-com-3567 471 23 0.7 0.7 CD www-sonatype-com-3567 471 24 . . . www-sonatype-com-3567 472 1 29 29 CD www-sonatype-com-3567 472 2 Higher high JJR www-sonatype-com-3567 472 3 r2 r2 NN www-sonatype-com-3567 472 4 is be VBZ www-sonatype-com-3567 472 5 better well JJR www-sonatype-com-3567 472 6 and and CC www-sonatype-com-3567 472 7 indicates indicate VBZ www-sonatype-com-3567 472 8 that that IN www-sonatype-com-3567 472 9 the the DT www-sonatype-com-3567 472 10 model model NN www-sonatype-com-3567 472 11 explains explain VBZ www-sonatype-com-3567 472 12 more more JJR www-sonatype-com-3567 472 13 of of IN www-sonatype-com-3567 472 14 the the DT www-sonatype-com-3567 472 15 change change NN www-sonatype-com-3567 472 16 in in IN www-sonatype-com-3567 472 17 outcome outcome NN www-sonatype-com-3567 472 18 . . . 
www-sonatype-com-3567 473 1 30 30 CD www-sonatype-com-3567 473 2 A a DT www-sonatype-com-3567 473 3 caveat caveat NN www-sonatype-com-3567 473 4 : : : www-sonatype-com-3567 473 5 our -PRON- PRP$ www-sonatype-com-3567 473 6 survey survey NN www-sonatype-com-3567 473 7 relies rely VBZ www-sonatype-com-3567 473 8 on on IN www-sonatype-com-3567 473 9 self self NN www-sonatype-com-3567 473 10 - - HYPH www-sonatype-com-3567 473 11 reported report VBN www-sonatype-com-3567 473 12 data datum NNS www-sonatype-com-3567 473 13 and and CC www-sonatype-com-3567 473 14 we -PRON- PRP www-sonatype-com-3567 473 15 did do VBD www-sonatype-com-3567 473 16 not not RB www-sonatype-com-3567 473 17 have have VB www-sonatype-com-3567 473 18 access access NN www-sonatype-com-3567 473 19 to to IN www-sonatype-com-3567 473 20 direct direct JJ www-sonatype-com-3567 473 21 measures measure NNS www-sonatype-com-3567 473 22 of of IN www-sonatype-com-3567 473 23 the the DT www-sonatype-com-3567 473 24 behavior behavior NN www-sonatype-com-3567 473 25 . . . www-sonatype-com-3567 474 1 31 31 CD www-sonatype-com-3567 474 2 https://puppet.com/resources/ https://puppet.com/resources/ CC www-sonatype-com-3567 474 3 report/2015-state report/2015-state JJ www-sonatype-com-3567 474 4 - - HYPH www-sonatype-com-3567 474 5 devops devop NNS www-sonatype-com-3567 474 6 - - HYPH www-sonatype-com-3567 474 7 report report NN www-sonatype-com-3567 474 8 32 32 CD www-sonatype-com-3567 474 9 Eileen Eileen NNP www-sonatype-com-3567 474 10 M. M. 
NNP www-sonatype-com-3567 474 11 Uchitelle Uchitelle NNP www-sonatype-com-3567 474 12 , , , www-sonatype-com-3567 474 13 “ " `` www-sonatype-com-3567 474 14 The the DT www-sonatype-com-3567 474 15 Past Past NNP www-sonatype-com-3567 474 16 , , , www-sonatype-com-3567 474 17 Present Present NNP www-sonatype-com-3567 474 18 , , , www-sonatype-com-3567 474 19 & & CC www-sonatype-com-3567 474 20 Future Future NNP www-sonatype-com-3567 474 21 of of IN www-sonatype-com-3567 474 22 Rails Rails NNPS www-sonatype-com-3567 474 23 at at IN www-sonatype-com-3567 474 24 GitHub GitHub NNP www-sonatype-com-3567 474 25 ” " '' www-sonatype-com-3567 474 26 : : : www-sonatype-com-3567 474 27 https://speakerdeck https://speakerdeck ADD www-sonatype-com-3567 474 28 . . . www-sonatype-com-3567 475 1 com com NN www-sonatype-com-3567 475 2 / / SYM www-sonatype-com-3567 475 3 eileencodes eileencode NNS www-sonatype-com-3567 475 4 / / SYM www-sonatype-com-3567 475 5 railsconf- railsconf- NN www-sonatype-com-3567 475 6 and and CC www-sonatype-com-3567 475 7 - - HYPH www-sonatype-com-3567 475 8 balkan balkan JJ www-sonatype-com-3567 475 9 - - HYPH www-sonatype-com-3567 475 10 ruby-2019-the ruby-2019-the NN www-sonatype-com-3567 475 11 - - HYPH www-sonatype-com-3567 475 12 past- past- NN www-sonatype-com-3567 475 13 present present JJ www-sonatype-com-3567 475 14 - - HYPH www-sonatype-com-3567 475 15 and and CC www-sonatype-com-3567 475 16 - - HYPH www-sonatype-com-3567 475 17 future future NN www-sonatype-com-3567 475 18 - - HYPH www-sonatype-com-3567 475 19 of of IN www-sonatype-com-3567 475 20 - - HYPH www-sonatype-com-3567 475 21 rails rail NNS www-sonatype-com-3567 475 22 - - : www-sonatype-com-3567 475 23 at- at- NN www-sonatype-com-3567 475 24 github github NNS www-sonatype-com-3567 475 25 and and CC www-sonatype-com-3567 475 26 “ " `` www-sonatype-com-3567 475 27 RailsConf RailsConf NNP www-sonatype-com-3567 475 28 2019 2019 CD www-sonatype-com-3567 475 29 — — : www-sonatype-com-3567 
475 30 The the DT www-sonatype-com-3567 475 31 Past Past NNP www-sonatype-com-3567 475 32 , , , www-sonatype-com-3567 475 33 Present Present NNP www-sonatype-com-3567 475 34 , , , www-sonatype-com-3567 475 35 and and CC www-sonatype-com-3567 475 36 Future Future NNP www-sonatype-com-3567 475 37 of of IN www-sonatype-com-3567 475 38 Rails Rails NNPS www-sonatype-com-3567 475 39 at at IN www-sonatype-com-3567 475 40 GitHub GitHub NNP www-sonatype-com-3567 475 41 , , , www-sonatype-com-3567 475 42 ” " '' www-sonatype-com-3567 475 43 25 25 CD www-sonatype-com-3567 475 44 minutes minute NNS www-sonatype-com-3567 475 45 in in IN www-sonatype-com-3567 475 46 , , , www-sonatype-com-3567 475 47 https://www.youtube.com/ https://www.youtube.com/ NNP www-sonatype-com-3567 475 48 watch?v watch?v NNP www-sonatype-com-3567 475 49 = = SYM www-sonatype-com-3567 475 50 vIScxVu00bs viscxvu00bs ADD www-sonatype-com-3567 475 51 33 33 CD www-sonatype-com-3567 475 52 https://www.zdnet.com/article/ https://www.zdnet.com/article/ NN www-sonatype-com-3567 475 53 the the DT www-sonatype-com-3567 475 54 - - HYPH www-sonatype-com-3567 475 55 linux linux JJ www-sonatype-com-3567 475 56 - - HYPH www-sonatype-com-3567 475 57 foundation foundation NN www-sonatype-com-3567 475 58 - - HYPH www-sonatype-com-3567 475 59 identifies- identifies- NN www-sonatype-com-3567 475 60 the the DT www-sonatype-com-3567 475 61 - - HYPH www-sonatype-com-3567 475 62 most most RBS www-sonatype-com-3567 475 63 - - HYPH www-sonatype-com-3567 475 64 important important JJ www-sonatype-com-3567 475 65 - - HYPH www-sonatype-com-3567 475 66 open open JJ www-sonatype-com-3567 475 67 - - HYPH www-sonatype-com-3567 475 68 source- source- JJ www-sonatype-com-3567 475 69 software software NN www-sonatype-com-3567 475 70 - - HYPH www-sonatype-com-3567 475 71 components component NNS www-sonatype-com-3567 475 72 - - HYPH www-sonatype-com-3567 475 73 and and CC www-sonatype-com-3567 475 74 - - HYPH www-sonatype-com-3567 475 75 
their- their- NNS www-sonatype-com-3567 475 76 problems/ problems/ ADD www-sonatype-com-3567 475 77 34 34 CD www-sonatype-com-3567 475 78 https://www.usenix.org/system/ https://www.usenix.org/system/ NNP www-sonatype-com-3567 475 79 files file NNS www-sonatype-com-3567 475 80 / / SYM www-sonatype-com-3567 475 81 sec19-zimmermann.pdf sec19-zimmermann.pdf $ www-sonatype-com-3567 475 82 35 35 CD www-sonatype-com-3567 475 83 https://info.flexerasoftware.com/ https://info.flexerasoftware.com/ CD www-sonatype-com-3567 475 84 SCA SCA NNP www-sonatype-com-3567 475 85 - - HYPH www-sonatype-com-3567 475 86 Ebook Ebook NNP www-sonatype-com-3567 475 87 - - HYPH www-sonatype-com-3567 475 88 Maturity Maturity NNP www-sonatype-com-3567 475 89 - - HYPH www-sonatype-com-3567 475 90 Open open JJ www-sonatype-com-3567 475 91 - - HYPH www-sonatype-com-3567 475 92 Source- Source- NNP www-sonatype-com-3567 475 93 Software software NN www-sonatype-com-3567 475 94 36 36 CD www-sonatype-com-3567 475 95 https://securityintelligence.com/ https://securityintelligence.com/ CD www-sonatype-com-3567 475 96 posts post NNS www-sonatype-com-3567 475 97 / / SYM www-sonatype-com-3567 475 98 x x NN www-sonatype-com-3567 475 99 - - HYPH www-sonatype-com-3567 475 100 force force NN www-sonatype-com-3567 475 101 - - HYPH www-sonatype-com-3567 475 102 threat threat NN www-sonatype-com-3567 475 103 - - HYPH www-sonatype-com-3567 475 104 intelligence- intelligence- JJ www-sonatype-com-3567 475 105 index index NN www-sonatype-com-3567 475 106 - - HYPH www-sonatype-com-3567 475 107 reveals reveal VBZ www-sonatype-com-3567 475 108 - - HYPH www-sonatype-com-3567 475 109 top top RB www-sonatype-com-3567 475 110 - - HYPH www-sonatype-com-3567 475 111 cybersecurity- cybersecurity- NN www-sonatype-com-3567 475 112 risks risk NNS www-sonatype-com-3567 475 113 - - HYPH www-sonatype-com-3567 475 114 of-2020/ of-2020/ CD www-sonatype-com-3567 475 115 37 37 CD www-sonatype-com-3567 475 116 https://github.com/sethvargo/ 
https://github.com/sethvargo/ NNP www-sonatype-com-3567 475 117 chef chef NN www-sonatype-com-3567 475 118 - - HYPH www-sonatype-com-3567 475 119 sugar sugar NNP www-sonatype-com-3567 475 120 38 38 CD www-sonatype-com-3567 475 121 https://devclass https://devclas NNS www-sonatype-com-3567 475 122 . . . www-sonatype-com-3567 476 1 com/2020/01/20 com/2020/01/20 IN www-sonatype-com-3567 476 2 / / SYM www-sonatype-com-3567 476 3 rust rust NN www-sonatype-com-3567 476 4 - - HYPH www-sonatype-com-3567 476 5 framework- framework- NN www-sonatype-com-3567 476 6 dev dev NNP www-sonatype-com-3567 476 7 - - HYPH www-sonatype-com-3567 476 8 says say VBZ www-sonatype-com-3567 476 9 - - HYPH www-sonatype-com-3567 476 10 im im IN www-sonatype-com-3567 476 11 - - HYPH www-sonatype-com-3567 476 12 done do VBN www-sonatype-com-3567 476 13 - - HYPH www-sonatype-com-3567 476 14 with with IN www-sonatype-com-3567 476 15 - - HYPH www-sonatype-com-3567 476 16 open- open- NN www-sonatype-com-3567 476 17 source source NN www-sonatype-com-3567 476 18 - - : www-sonatype-com-3567 476 19 has have VBZ www-sonatype-com-3567 476 20 - - HYPH www-sonatype-com-3567 476 21 second second NN www-sonatype-com-3567 476 22 - - HYPH www-sonatype-com-3567 476 23 thoughts thought NNS www-sonatype-com-3567 476 24 39 39 CD www-sonatype-com-3567 476 25 https://wiki.linuxfoundation https://wiki.linuxfoundation NN www-sonatype-com-3567 476 26 . . . 
www-sonatype-com-3567 477 1 org/_media org/_media NNP www-sonatype-com-3567 477 2 / / SYM www-sonatype-com-3567 477 3 openchain/ openchain/ NNP www-sonatype-com-3567 477 4 openchainspec-2.0.pdf openchainspec-2.0.pdf NNP www-sonatype-com-3567 477 5 40 40 CD www-sonatype-com-3567 477 6 https://www.cisa.gov/sites/ https://www.cisa.gov/sites/ NNP www-sonatype-com-3567 477 7 default default NN www-sonatype-com-3567 477 8 / / HYPH www-sonatype-com-3567 477 9 files file NNS www-sonatype-com-3567 477 10 / / SYM www-sonatype-com-3567 477 11 publications publication NNS www-sonatype-com-3567 477 12 / / SYM www-sonatype-com-3567 477 13 ict_scrm ict_scrm NNP www-sonatype-com-3567 477 14 _ _ NNP www-sonatype-com-3567 477 15 essentials_508.pdf essentials_508.pdf NN www-sonatype-com-3567 477 16 41 41 CD www-sonatype-com-3567 477 17 https://www.congress.gov/116/ https://www.congress.gov/116/ NNP www-sonatype-com-3567 477 18 bills bill NNS www-sonatype-com-3567 477 19 / / SYM www-sonatype-com-3567 477 20 s2316 s2316 NNP www-sonatype-com-3567 477 21 / / SYM www-sonatype-com-3567 477 22 BILLS-116s2316is.pdf BILLS-116s2316is.pdf NNP www-sonatype-com-3567 477 23 42 42 CD www-sonatype-com-3567 477 24 https://github.com/oasis-tcs/ https://github.com/oasis-tcs/ NN www-sonatype-com-3567 477 25 openc2-usecases openc2-usecases NNP www-sonatype-com-3567 477 26 / / SYM www-sonatype-com-3567 477 27 blob blob NNP www-sonatype-com-3567 477 28 / / SYM www-sonatype-com-3567 477 29 master/ master/ NNP www-sonatype-com-3567 477 30 Cybercom Cybercom NNP www-sonatype-com-3567 477 31 - - HYPH www-sonatype-com-3567 477 32 Plugfest Plugfest NNP www-sonatype-com-3567 477 33 / / SYM www-sonatype-com-3567 477 34 uc uc NNP www-sonatype-com-3567 477 35 - - HYPH www-sonatype-com-3567 477 36 A A NNP www-sonatype-com-3567 477 37 - - HYPH www-sonatype-com-3567 477 38 comply comply NN www-sonatype-com-3567 477 39 - - HYPH www-sonatype-com-3567 477 40 to- to- NNP www-sonatype-com-3567 477 41 connect.md connect.md XX 
www-sonatype-com-3567 477 42 43 43 CD www-sonatype-com-3567 477 43 https://www.ntia.gov/ https://www.ntia.gov/ NN www-sonatype-com-3567 477 44 files file NNS www-sonatype-com-3567 477 45 / / SYM www-sonatype-com-3567 477 46 ntia ntia NNP www-sonatype-com-3567 477 47 / / SYM www-sonatype-com-3567 477 48 publications/ publications/ NNP www-sonatype-com-3567 477 49 framingsbom_20191112.pdf framingsbom_20191112.pdf NNP www-sonatype-com-3567 477 50 44 44 CD www-sonatype-com-3567 477 51 https://www.congress.gov/116/ https://www.congress.gov/116/ NN www-sonatype-com-3567 477 52 bills bill NNS www-sonatype-com-3567 477 53 / / SYM www-sonatype-com-3567 477 54 s1790 s1790 NNP www-sonatype-com-3567 477 55 / / SYM www-sonatype-com-3567 477 56 BILLS-116s1790enr.pdf BILLS-116s1790enr.pdf NNP www-sonatype-com-3567 477 57 45 45 CD www-sonatype-com-3567 477 58 https://csrc.nist.gov/ https://csrc.nist.gov/ NNP www-sonatype-com-3567 477 59 publications publication NNS www-sonatype-com-3567 477 60 / / SYM www-sonatype-com-3567 477 61 detail detail NN www-sonatype-com-3567 477 62 / / SYM www-sonatype-com-3567 477 63 white- white- NN www-sonatype-com-3567 477 64 paper/2020/04/23 paper/2020/04/23 NNP www-sonatype-com-3567 477 65 / / SYM www-sonatype-com-3567 477 66 mitigating mitigating NN www-sonatype-com-3567 477 67 - - HYPH www-sonatype-com-3567 477 68 risk- risk- NN www-sonatype-com-3567 477 69 of of IN www-sonatype-com-3567 477 70 - - HYPH www-sonatype-com-3567 477 71 software software NN www-sonatype-com-3567 477 72 - - HYPH www-sonatype-com-3567 477 73 vulnerabilities vulnerability NNS www-sonatype-com-3567 477 74 - - HYPH www-sonatype-com-3567 477 75 with- with- NN www-sonatype-com-3567 477 76 ssdf ssdf NN www-sonatype-com-3567 477 77 / / SYM www-sonatype-com-3567 477 78 final final JJ www-sonatype-com-3567 477 79 46 46 CD www-sonatype-com-3567 477 80 https://nvlpubs.nist https://nvlpubs.nist NN www-sonatype-com-3567 477 81 . . . 
www-sonatype-com-3567 478 1 gov gov NNP www-sonatype-com-3567 478 2 / / SYM www-sonatype-com-3567 478 3 nistpubs nistpubs NNPS www-sonatype-com-3567 478 4 / / SYM www-sonatype-com-3567 478 5 CSWP CSWP NNP www-sonatype-com-3567 478 6 / / SYM www-sonatype-com-3567 478 7 NIST NIST NNP www-sonatype-com-3567 478 8 . . . www-sonatype-com-3567 479 1 CSWP.04232020.pdf cswp.04232020.pdf NN www-sonatype-com-3567 479 2 47 47 CD www-sonatype-com-3567 479 3 https://www.ncsc.gov.uk/ https://www.ncsc.gov.uk/ NNP www-sonatype-com-3567 479 4 collection collection NN www-sonatype-com-3567 479 5 / / SYM www-sonatype-com-3567 479 6 developers developer NNS www-sonatype-com-3567 479 7 - - HYPH www-sonatype-com-3567 479 8 collection/ collection/ NN www-sonatype-com-3567 479 9 principles principle NNS www-sonatype-com-3567 479 10 / / SYM www-sonatype-com-3567 479 11 produce produce NN www-sonatype-com-3567 479 12 - - HYPH www-sonatype-com-3567 479 13 clean- clean- NN www-sonatype-com-3567 479 14 maintainable maintainable JJ www-sonatype-com-3567 479 15 - - HYPH www-sonatype-com-3567 479 16 code code NN www-sonatype-com-3567 479 17 48 48 CD www-sonatype-com-3567 479 18 https://www.ncsc.gov.uk/ https://www.ncsc.gov.uk/ NNP www-sonatype-com-3567 479 19 collection collection NN www-sonatype-com-3567 479 20 / / SYM www-sonatype-com-3567 479 21 developers developer NNS www-sonatype-com-3567 479 22 - - HYPH www-sonatype-com-3567 479 23 collection/ collection/ NN www-sonatype-com-3567 479 24 principles principle NNS www-sonatype-com-3567 479 25 / / SYM www-sonatype-com-3567 479 26 produce produce NN www-sonatype-com-3567 479 27 - - HYPH www-sonatype-com-3567 479 28 clean- clean- NN www-sonatype-com-3567 479 29 maintainable maintainable JJ www-sonatype-com-3567 479 30 - - HYPH www-sonatype-com-3567 479 31 code code NN www-sonatype-com-3567 479 32 49 49 CD www-sonatype-com-3567 479 33 https://www.cyber.gov.au/acsc/ https://www.cyber.gov.au/acsc/ NNP www-sonatype-com-3567 479 34 view view NN 
www-sonatype-com-3567 479 35 - - HYPH www-sonatype-com-3567 479 36 all all DT www-sonatype-com-3567 479 37 - - HYPH www-sonatype-com-3567 479 38 content content NN www-sonatype-com-3567 479 39 / / SYM www-sonatype-com-3567 479 40 publications/ publications/ NN www-sonatype-com-3567 479 41 essential essential JJ www-sonatype-com-3567 479 42 - - HYPH www-sonatype-com-3567 479 43 eight eight CD www-sonatype-com-3567 479 44 - - HYPH www-sonatype-com-3567 479 45 maturity maturity NN www-sonatype-com-3567 479 46 - - HYPH www-sonatype-com-3567 479 47 model model NN
https://csrc.nist.gov/publications/detail/white-paper/2020/04/23/mitigating-risk-of-software-vulnerabilities-with-ssdf/final https://csrc.nist.gov/publications/detail/white-paper/2020/04/23/mitigating-risk-of-software-vulnerabilities-with-ssdf/final NNP www-sonatype-com-3567 479 282 https://csrc.nist.gov/publications/detail/white-paper/2020/04/23/mitigating-risk-of-software-vulnerabilities-with-ssdf/final https://csrc.nist.gov/publications/detail/white-paper/2020/04/23/mitigating-risk-of-software-vulnerabilities-with-ssdf/final NNP www-sonatype-com-3567 479 283 https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf NNP www-sonatype-com-3567 479 284 https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf NNP www-sonatype-com-3567 479 285 https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04232020.pdf NNP www-sonatype-com-3567 479 286 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NNP www-sonatype-com-3567 479 287 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NNP www-sonatype-com-3567 479 288 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NN www-sonatype-com-3567 479 289 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NN www-sonatype-com-3567 479 290 
https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NN www-sonatype-com-3567 479 291 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NN www-sonatype-com-3567 479 292 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NNP www-sonatype-com-3567 479 293 https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code https://www.ncsc.gov.uk/collection/developers-collection/principles/produce-clean-maintainable-code NNP www-sonatype-com-3567 479 294 https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model JJ www-sonatype-com-3567 479 295 https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model NNP www-sonatype-com-3567 479 296 https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model NNP www-sonatype-com-3567 479 297 Appendix Appendix NNP www-sonatype-com-3567 479 298 A a DT www-sonatype-com-3567 479 299 Acknowledgments Acknowledgments NNPS www-sonatype-com-3567 479 300 Each each DT www-sonatype-com-3567 479 301 year year NN www-sonatype-com-3567 479 302 , , , www-sonatype-com-3567 479 303 producing produce VBG www-sonatype-com-3567 479 304 the the DT www-sonatype-com-3567 479 305 State State NNP www-sonatype-com-3567 479 306 
of of IN www-sonatype-com-3567 479 307 the the DT www-sonatype-com-3567 479 308 Software Software NNP www-sonatype-com-3567 479 309 Supply Supply NNP www-sonatype-com-3567 479 310 Chain Chain NNP www-sonatype-com-3567 479 311 report report NN www-sonatype-com-3567 479 312 is be VBZ www-sonatype-com-3567 479 313 labor labor NN www-sonatype-com-3567 479 314 of of IN www-sonatype-com-3567 479 315 love love NN www-sonatype-com-3567 479 316 . . . www-sonatype-com-3567 480 1 It -PRON- PRP www-sonatype-com-3567 480 2 is be VBZ www-sonatype-com-3567 480 3 produced produce VBN www-sonatype-com-3567 480 4 to to TO www-sonatype-com-3567 480 5 shed shed VB www-sonatype-com-3567 480 6 light light NN www-sonatype-com-3567 480 7 on on IN www-sonatype-com-3567 480 8 the the DT www-sonatype-com-3567 480 9 patterns pattern NNS www-sonatype-com-3567 480 10 and and CC www-sonatype-com-3567 480 11 practices practice NNS www-sonatype-com-3567 480 12 associated associate VBN www-sonatype-com-3567 480 13 with with IN www-sonatype-com-3567 480 14 open open JJ www-sonatype-com-3567 480 15 source source NN www-sonatype-com-3567 480 16 software software NN www-sonatype-com-3567 480 17 development development NN www-sonatype-com-3567 480 18 . . . www-sonatype-com-3567 481 1 We -PRON- PRP www-sonatype-com-3567 481 2 began begin VBD www-sonatype-com-3567 481 3 collecting collect VBG www-sonatype-com-3567 481 4 data datum NNS www-sonatype-com-3567 481 5 for for IN www-sonatype-com-3567 481 6 our -PRON- PRP$ www-sonatype-com-3567 481 7 2020 2020 CD www-sonatype-com-3567 481 8 report report NN www-sonatype-com-3567 481 9 from from IN www-sonatype-com-3567 481 10 the the DT www-sonatype-com-3567 481 11 moment moment NN www-sonatype-com-3567 481 12 our -PRON- PRP$ www-sonatype-com-3567 481 13 2019 2019 CD www-sonatype-com-3567 481 14 report report NN www-sonatype-com-3567 481 15 was be VBD www-sonatype-com-3567 481 16 published publish VBN www-sonatype-com-3567 481 17 . . . 
www-sonatype-com-3567 482 1 The the DT www-sonatype-com-3567 482 2 report report NN www-sonatype-com-3567 482 3 is be VBZ www-sonatype-com-3567 482 4 made make VBN www-sonatype-com-3567 482 5 possible possible JJ www-sonatype-com-3567 482 6 thanks thank NNS www-sonatype-com-3567 482 7 to to IN www-sonatype-com-3567 482 8 a a DT www-sonatype-com-3567 482 9 tremendous tremendous JJ www-sonatype-com-3567 482 10 effort effort NN www-sonatype-com-3567 482 11 put put VBN www-sonatype-com-3567 482 12 forth forth RP www-sonatype-com-3567 482 13 by by IN www-sonatype-com-3567 482 14 many many JJ www-sonatype-com-3567 482 15 team team NN www-sonatype-com-3567 482 16 members member NNS www-sonatype-com-3567 482 17 at at IN www-sonatype-com-3567 482 18 Sonatype Sonatype NNP www-sonatype-com-3567 482 19 , , , www-sonatype-com-3567 482 20 including include VBG www-sonatype-com-3567 482 21 : : : www-sonatype-com-3567 482 22 Derek Derek NNP www-sonatype-com-3567 482 23 Weeks Weeks NNP www-sonatype-com-3567 482 24 , , , www-sonatype-com-3567 482 25 Matt Matt NNP www-sonatype-com-3567 482 26 Howard Howard NNP www-sonatype-com-3567 482 27 , , , www-sonatype-com-3567 482 28 Joel Joel NNP www-sonatype-com-3567 482 29 Orlina Orlina NNP www-sonatype-com-3567 482 30 , , , www-sonatype-com-3567 482 31 Bruce Bruce NNP www-sonatype-com-3567 482 32 Mayhew Mayhew NNP www-sonatype-com-3567 482 33 , , , www-sonatype-com-3567 482 34 Gazi Gazi NNP www-sonatype-com-3567 482 35 Mahmud Mahmud NNP www-sonatype-com-3567 482 36 , , , www-sonatype-com-3567 482 37 Dariush Dariush NNP www-sonatype-com-3567 482 38 Griffin Griffin NNP www-sonatype-com-3567 482 39 , , , www-sonatype-com-3567 482 40 Brian Brian NNP www-sonatype-com-3567 482 41 Fox Fox NNP www-sonatype-com-3567 482 42 , , , www-sonatype-com-3567 482 43 AJ AJ NNP www-sonatype-com-3567 482 44 Brown Brown NNP www-sonatype-com-3567 482 45 , , , www-sonatype-com-3567 482 46 Ember Ember NNP www-sonatype-com-3567 482 47 DeBoer DeBoer NNP 
www-sonatype-com-3567 482 48 , , , www-sonatype-com-3567 482 49 Mike Mike NNP www-sonatype-com-3567 482 50 Donovan Donovan NNP www-sonatype-com-3567 482 51 , , , www-sonatype-com-3567 482 52 Cameron Cameron NNP www-sonatype-com-3567 482 53 Townsend Townsend NNP www-sonatype-com-3567 482 54 , , , www-sonatype-com-3567 482 55 Ilkka Ilkka NNP www-sonatype-com-3567 482 56 Turunen Turunen NNP www-sonatype-com-3567 482 57 , , , www-sonatype-com-3567 482 58 Alexis Alexis NNP www-sonatype-com-3567 482 59 Del Del NNP www-sonatype-com-3567 482 60 Duke Duke NNP www-sonatype-com-3567 482 61 , , , www-sonatype-com-3567 482 62 Elissa Elissa NNP www-sonatype-com-3567 482 63 Walters Walters NNP www-sonatype-com-3567 482 64 , , , www-sonatype-com-3567 482 65 Adam Adam NNP www-sonatype-com-3567 482 66 Cazzolla Cazzolla NNP www-sonatype-com-3567 482 67 , , , www-sonatype-com-3567 482 68 Keith Keith NNP www-sonatype-com-3567 482 69 Sprochi Sprochi NNP www-sonatype-com-3567 482 70 , , , www-sonatype-com-3567 482 71 and and CC www-sonatype-com-3567 482 72 Neil Neil NNP www-sonatype-com-3567 482 73 Donewar Donewar NNP www-sonatype-com-3567 482 74 . . . 
www-sonatype-com-3567 483 1 We -PRON- PRP www-sonatype-com-3567 483 2 would would MD www-sonatype-com-3567 483 3 also also RB www-sonatype-com-3567 483 4 like like VB www-sonatype-com-3567 483 5 to to TO www-sonatype-com-3567 483 6 offer offer VB www-sonatype-com-3567 483 7 thanks thank NNS www-sonatype-com-3567 483 8 for for IN www-sonatype-com-3567 483 9 contributions contribution NNS www-sonatype-com-3567 483 10 big big JJ www-sonatype-com-3567 483 11 and and CC www-sonatype-com-3567 483 12 small small JJ www-sonatype-com-3567 483 13 from from IN www-sonatype-com-3567 483 14 : : : www-sonatype-com-3567 483 15 Hasan Hasan NNP www-sonatype-com-3567 483 16 Yasar Yasar NNP www-sonatype-com-3567 483 17 ( ( -LRB- www-sonatype-com-3567 483 18 Carnegie Carnegie NNP www-sonatype-com-3567 483 19 Mellon Mellon NNP www-sonatype-com-3567 483 20 University University NNP www-sonatype-com-3567 483 21 Software Software NNP www-sonatype-com-3567 483 22 Engineering Engineering NNP www-sonatype-com-3567 483 23 Institute Institute NNP www-sonatype-com-3567 483 24 ) ) -RRB- www-sonatype-com-3567 483 25 , , , www-sonatype-com-3567 483 26 DJ DJ NNP www-sonatype-com-3567 483 27 Schleen Schleen NNP www-sonatype-com-3567 483 28 ( ( -LRB- www-sonatype-com-3567 483 29 Rally Rally NNP www-sonatype-com-3567 483 30 Health Health NNP www-sonatype-com-3567 483 31 ) ) -RRB- www-sonatype-com-3567 483 32 , , , www-sonatype-com-3567 483 33 and and CC www-sonatype-com-3567 483 34 others other NNS www-sonatype-com-3567 483 35 across across IN www-sonatype-com-3567 483 36 the the DT www-sonatype-com-3567 483 37 DevOps DevOps NNP www-sonatype-com-3567 483 38 and and CC www-sonatype-com-3567 483 39 open open JJ www-sonatype-com-3567 483 40 source source NN www-sonatype-com-3567 483 41 development development NN www-sonatype-com-3567 483 42 community community NN www-sonatype-com-3567 483 43 . . . 
www-sonatype-com-3567 484 1 A a DT www-sonatype-com-3567 484 2 very very RB www-sonatype-com-3567 484 3 special special JJ www-sonatype-com-3567 484 4 thanks thank NNS www-sonatype-com-3567 484 5 goes go VBZ www-sonatype-com-3567 484 6 out out RP www-sonatype-com-3567 484 7 to to IN www-sonatype-com-3567 484 8 Melissa Melissa NNP www-sonatype-com-3567 484 9 Schmidt Schmidt NNP www-sonatype-com-3567 484 10 who who WP www-sonatype-com-3567 484 11 created create VBD www-sonatype-com-3567 484 12 the the DT www-sonatype-com-3567 484 13 incredible incredible JJ www-sonatype-com-3567 484 14 design design NN www-sonatype-com-3567 484 15 for for IN www-sonatype-com-3567 484 16 this this DT www-sonatype-com-3567 484 17 year year NN www-sonatype-com-3567 484 18 ’s ’s POS www-sonatype-com-3567 484 19 report report NN www-sonatype-com-3567 484 20 . . . www-sonatype-com-3567 485 1 Finally finally RB www-sonatype-com-3567 485 2 , , , www-sonatype-com-3567 485 3 we -PRON- PRP www-sonatype-com-3567 485 4 could could MD www-sonatype-com-3567 485 5 not not RB www-sonatype-com-3567 485 6 have have VB www-sonatype-com-3567 485 7 produced produce VBN www-sonatype-com-3567 485 8 this this DT www-sonatype-com-3567 485 9 report report NN www-sonatype-com-3567 485 10 without without IN www-sonatype-com-3567 485 11 the the DT www-sonatype-com-3567 485 12 amazing amazing JJ www-sonatype-com-3567 485 13 contributions contribution NNS www-sonatype-com-3567 485 14 and and CC www-sonatype-com-3567 485 15 countless countless JJ www-sonatype-com-3567 485 16 hours hour NNS www-sonatype-com-3567 485 17 of of IN www-sonatype-com-3567 485 18 deep deep JJ www-sonatype-com-3567 485 19 analysis analysis NN www-sonatype-com-3567 485 20 from from IN www-sonatype-com-3567 485 21 our -PRON- PRP$ www-sonatype-com-3567 485 22 research research NN www-sonatype-com-3567 485 23 partners partner NNS www-sonatype-com-3567 485 24 Gene Gene NNP www-sonatype-com-3567 485 25 Kim Kim NNP www-sonatype-com-3567 485 26 from 
from IN www-sonatype-com-3567 485 27 IT IT NNP www-sonatype-com-3567 485 28 Revolution Revolution NNP www-sonatype-com-3567 485 29 and and CC www-sonatype-com-3567 485 30 Dr. Dr. NNP www-sonatype-com-3567 485 31 Stephen Stephen NNP www-sonatype-com-3567 485 32 Magill Magill NNP www-sonatype-com-3567 485 33 , , , www-sonatype-com-3567 485 34 CEO CEO NNP www-sonatype-com-3567 485 35 of of IN www-sonatype-com-3567 485 36 MuseDev MuseDev NNP www-sonatype-com-3567 485 37 . . . www-sonatype-com-3567 486 1 422020 422020 CD www-sonatype-com-3567 486 2 STATE STATE NNP www-sonatype-com-3567 486 3 OF of IN www-sonatype-com-3567 486 4 THE the DT www-sonatype-com-3567 486 5 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 486 6 SUPPLY supply NN www-sonatype-com-3567 486 7 CHAIN CHAIN NNP www-sonatype-com-3567 486 8 REPORT REPORT NNP www-sonatype-com-3567 486 9 Appendix Appendix NNP www-sonatype-com-3567 486 10 B B NNP www-sonatype-com-3567 486 11 About about IN www-sonatype-com-3567 486 12 the the DT www-sonatype-com-3567 486 13 Analysis analysis NN www-sonatype-com-3567 486 14 The the DT www-sonatype-com-3567 486 15 authors author NNS www-sonatype-com-3567 486 16 have have VBP www-sonatype-com-3567 486 17 taken take VBN www-sonatype-com-3567 486 18 great great JJ www-sonatype-com-3567 486 19 care care NN www-sonatype-com-3567 486 20 to to TO www-sonatype-com-3567 486 21 present present VB www-sonatype-com-3567 486 22 statistically statistically RB www-sonatype-com-3567 486 23 significant significant JJ www-sonatype-com-3567 486 24 sample sample NN www-sonatype-com-3567 486 25 sizes size NNS www-sonatype-com-3567 486 26 with with IN www-sonatype-com-3567 486 27 regard regard NN www-sonatype-com-3567 486 28 to to TO www-sonatype-com-3567 486 29 component component VB www-sonatype-com-3567 486 30 versions version NNS www-sonatype-com-3567 486 31 , , , www-sonatype-com-3567 486 32 downloads download NNS www-sonatype-com-3567 486 33 , , , www-sonatype-com-3567 486 34 vulnerability 
vulnerability NN www-sonatype-com-3567 486 35 counts count NNS www-sonatype-com-3567 486 36 , , , www-sonatype-com-3567 486 37 and and CC www-sonatype-com-3567 486 38 other other JJ www-sonatype-com-3567 486 39 data datum NNS www-sonatype-com-3567 486 40 surfaced surface VBN www-sonatype-com-3567 486 41 in in IN www-sonatype-com-3567 486 42 this this DT www-sonatype-com-3567 486 43 year year NN www-sonatype-com-3567 486 44 ’s ’s POS www-sonatype-com-3567 486 45 report report NN www-sonatype-com-3567 486 46 . . . www-sonatype-com-3567 487 1 While while IN www-sonatype-com-3567 487 2 Sonatype Sonatype NNP www-sonatype-com-3567 487 3 has have VBZ www-sonatype-com-3567 487 4 direct direct JJ www-sonatype-com-3567 487 5 access access NN www-sonatype-com-3567 487 6 to to IN www-sonatype-com-3567 487 7 primary primary JJ www-sonatype-com-3567 487 8 data datum NNS www-sonatype-com-3567 487 9 for for IN www-sonatype-com-3567 487 10 Java Java NNP www-sonatype-com-3567 487 11 , , , www-sonatype-com-3567 487 12 JavaScript JavaScript NNP www-sonatype-com-3567 487 13 , , , www-sonatype-com-3567 487 14 Python Python NNP www-sonatype-com-3567 487 15 , , , www-sonatype-com-3567 487 16 .NET .NET NNP www-sonatype-com-3567 487 17 and and CC www-sonatype-com-3567 487 18 other other JJ www-sonatype-com-3567 487 19 component component NN www-sonatype-com-3567 487 20 formats format NNS www-sonatype-com-3567 487 21 , , , www-sonatype-com-3567 487 22 we -PRON- PRP www-sonatype-com-3567 487 23 also also RB www-sonatype-com-3567 487 24 reference reference VBP www-sonatype-com-3567 487 25 third third JJ www-sonatype-com-3567 487 26 - - HYPH www-sonatype-com-3567 487 27 party party NN www-sonatype-com-3567 487 28 data datum NNS www-sonatype-com-3567 487 29 sources source NNS www-sonatype-com-3567 487 30 as as IN www-sonatype-com-3567 487 31 documented document VBN www-sonatype-com-3567 487 32 . . . 
www-sonatype-com-3567 488 1 Design design NN www-sonatype-com-3567 488 2 of of IN www-sonatype-com-3567 488 3 the the DT www-sonatype-com-3567 488 4 Survey Survey NNP www-sonatype-com-3567 488 5 Questions Questions NNPS www-sonatype-com-3567 488 6 Used use VBD www-sonatype-com-3567 488 7 to to TO www-sonatype-com-3567 488 8 Analyze analyze VB www-sonatype-com-3567 488 9 Open open JJ www-sonatype-com-3567 488 10 Source source NN www-sonatype-com-3567 488 11 Component component NN www-sonatype-com-3567 488 12 Use Use NNP www-sonatype-com-3567 488 13 in in IN www-sonatype-com-3567 488 14 Enterprises Enterprises NNP www-sonatype-com-3567 488 15 Questions Questions NNPS www-sonatype-com-3567 488 16 were be VBD www-sonatype-com-3567 488 17 designed design VBN www-sonatype-com-3567 488 18 to to TO www-sonatype-com-3567 488 19 enable enable VB www-sonatype-com-3567 488 20 quantitative quantitative JJ www-sonatype-com-3567 488 21 analysis analysis NN www-sonatype-com-3567 488 22 . . . www-sonatype-com-3567 489 1 Most Most JJS www-sonatype-com-3567 489 2 questions question NNS www-sonatype-com-3567 489 3 were be VBD www-sonatype-com-3567 489 4 built build VBN www-sonatype-com-3567 489 5 on on IN www-sonatype-com-3567 489 6 a a DT www-sonatype-com-3567 489 7 7-point 7-point CD www-sonatype-com-3567 489 8 Likert Likert NNP www-sonatype-com-3567 489 9 scale scale NN www-sonatype-com-3567 489 10 measuring measure VBG www-sonatype-com-3567 489 11 extent extent NN www-sonatype-com-3567 489 12 of of IN www-sonatype-com-3567 489 13 agreement agreement NN www-sonatype-com-3567 489 14 ( ( -LRB- www-sonatype-com-3567 489 15 “ " `` www-sonatype-com-3567 489 16 strongly strongly RB www-sonatype-com-3567 489 17 agree agree VBP www-sonatype-com-3567 489 18 ” " '' www-sonatype-com-3567 489 19 to to TO www-sonatype-com-3567 489 20 “ " `` www-sonatype-com-3567 489 21 strongly strongly RB www-sonatype-com-3567 489 22 disagree disagree VB www-sonatype-com-3567 489 23 ” " '' 
www-sonatype-com-3567 489 24 ) ) -RRB- www-sonatype-com-3567 489 25 or or CC www-sonatype-com-3567 489 26 time time NN www-sonatype-com-3567 489 27 scales scale NNS www-sonatype-com-3567 489 28 ( ( -LRB- www-sonatype-com-3567 489 29 e.g. e.g. RB www-sonatype-com-3567 490 1 “ " `` www-sonatype-com-3567 490 2 How how WRB www-sonatype-com-3567 490 3 frequently frequently RB www-sonatype-com-3567 490 4 do do VBP www-sonatype-com-3567 490 5 you -PRON- PRP www-sonatype-com-3567 490 6 deploy deploy VB www-sonatype-com-3567 490 7 to to IN www-sonatype-com-3567 490 8 production production NN www-sonatype-com-3567 490 9 ? ? . www-sonatype-com-3567 490 10 ” " '' www-sonatype-com-3567 490 11 with with IN www-sonatype-com-3567 490 12 options option NNS www-sonatype-com-3567 490 13 such such JJ www-sonatype-com-3567 490 14 as as IN www-sonatype-com-3567 490 15 “ " `` www-sonatype-com-3567 490 16 with with IN www-sonatype-com-3567 490 17 every every DT www-sonatype-com-3567 490 18 change change NN www-sonatype-com-3567 490 19 , , , www-sonatype-com-3567 490 20 ” " '' www-sonatype-com-3567 490 21 “ " `` www-sonatype-com-3567 490 22 multiple multiple JJ www-sonatype-com-3567 490 23 times time NNS www-sonatype-com-3567 490 24 per per IN www-sonatype-com-3567 490 25 day day NN www-sonatype-com-3567 490 26 , , , www-sonatype-com-3567 490 27 ” " '' www-sonatype-com-3567 490 28 “ " `` www-sonatype-com-3567 490 29 multiple multiple JJ www-sonatype-com-3567 490 30 times time NNS www-sonatype-com-3567 490 31 per per IN www-sonatype-com-3567 490 32 week week NN www-sonatype-com-3567 490 33 , , , www-sonatype-com-3567 490 34 ” " '' www-sonatype-com-3567 490 35 “ " `` www-sonatype-com-3567 490 36 once once RB www-sonatype-com-3567 490 37 per per IN www-sonatype-com-3567 490 38 week week NN www-sonatype-com-3567 490 39 , , , www-sonatype-com-3567 490 40 ” " '' www-sonatype-com-3567 490 41 etc etc FW www-sonatype-com-3567 490 42 . . . 
www-sonatype-com-3567 490 43 ) ) -RRB- www-sonatype-com-3567 490 44 . . . www-sonatype-com-3567 491 1 Where where WRB www-sonatype-com-3567 491 2 there there EX www-sonatype-com-3567 491 3 were be VBD www-sonatype-com-3567 491 4 multiple multiple JJ www-sonatype-com-3567 491 5 ways way NNS www-sonatype-com-3567 491 6 to to TO www-sonatype-com-3567 491 7 ask ask VB www-sonatype-com-3567 491 8 about about IN www-sonatype-com-3567 491 9 a a DT www-sonatype-com-3567 491 10 particular particular JJ www-sonatype-com-3567 491 11 attribute attribute NN www-sonatype-com-3567 491 12 ( ( -LRB- www-sonatype-com-3567 491 13 e.g. e.g. RB www-sonatype-com-3567 492 1 “ " `` www-sonatype-com-3567 492 2 Job Job NNP www-sonatype-com-3567 492 3 Satisfaction Satisfaction NNP www-sonatype-com-3567 492 4 ” " '' www-sonatype-com-3567 492 5 ) ) -RRB- www-sonatype-com-3567 492 6 , , , www-sonatype-com-3567 492 7 multiple multiple JJ www-sonatype-com-3567 492 8 questions question NNS www-sonatype-com-3567 492 9 were be VBD www-sonatype-com-3567 492 10 included include VBN www-sonatype-com-3567 492 11 and and CC www-sonatype-com-3567 492 12 combined combine VBN www-sonatype-com-3567 492 13 into into IN www-sonatype-com-3567 492 14 a a DT www-sonatype-com-3567 492 15 single single JJ www-sonatype-com-3567 492 16 dimension dimension NN www-sonatype-com-3567 492 17 for for IN www-sonatype-com-3567 492 18 analysis analysis NN www-sonatype-com-3567 492 19 ( ( -LRB- www-sonatype-com-3567 492 20 e.g. e.g. 
RB www-sonatype-com-3567 493 1 “ " `` www-sonatype-com-3567 493 2 I -PRON- PRP www-sonatype-com-3567 493 3 am be VBP www-sonatype-com-3567 493 4 satis- satis- NN www-sonatype-com-3567 493 5 fied fie VBN www-sonatype-com-3567 493 6 with with IN www-sonatype-com-3567 493 7 my -PRON- PRP$ www-sonatype-com-3567 493 8 job job NN www-sonatype-com-3567 493 9 , , , www-sonatype-com-3567 493 10 ” " '' www-sonatype-com-3567 493 11 “ " `` www-sonatype-com-3567 493 12 I -PRON- PRP www-sonatype-com-3567 493 13 would would MD www-sonatype-com-3567 493 14 recommend recommend VB www-sonatype-com-3567 493 15 this this DT www-sonatype-com-3567 493 16 organization organization NN www-sonatype-com-3567 493 17 as as IN www-sonatype-com-3567 493 18 a a DT www-sonatype-com-3567 493 19 good good JJ www-sonatype-com-3567 493 20 place place NN www-sonatype-com-3567 493 21 to to TO www-sonatype-com-3567 493 22 work work VB www-sonatype-com-3567 493 23 , , , www-sonatype-com-3567 493 24 ” " '' www-sonatype-com-3567 493 25 “ " `` www-sonatype-com-3567 493 26 I -PRON- PRP www-sonatype-com-3567 493 27 have have VBP www-sonatype-com-3567 493 28 the the DT www-sonatype-com-3567 493 29 tools tool NNS www-sonatype-com-3567 493 30 and and CC www-sonatype-com-3567 493 31 resources resource NNS www-sonatype-com-3567 493 32 I -PRON- PRP www-sonatype-com-3567 493 33 need need VBP www-sonatype-com-3567 493 34 to to TO www-sonatype-com-3567 493 35 do do VB www-sonatype-com-3567 493 36 my -PRON- PRP$ www-sonatype-com-3567 493 37 job job NN www-sonatype-com-3567 493 38 , , , www-sonatype-com-3567 493 39 ” " '' www-sonatype-com-3567 493 40 etc etc FW www-sonatype-com-3567 493 41 . . . www-sonatype-com-3567 493 42 ) ) -RRB- www-sonatype-com-3567 493 43 . . . 
www-sonatype-com-3567 494 1 When when WRB www-sonatype-com-3567 494 2 multiple multiple JJ www-sonatype-com-3567 494 3 questions question NNS www-sonatype-com-3567 494 4 were be VBD www-sonatype-com-3567 494 5 combined combine VBN www-sonatype-com-3567 494 6 into into IN www-sonatype-com-3567 494 7 a a DT www-sonatype-com-3567 494 8 single single JJ www-sonatype-com-3567 494 9 measure measure NN www-sonatype-com-3567 494 10 , , , www-sonatype-com-3567 494 11 we -PRON- PRP www-sonatype-com-3567 494 12 verified verify VBD www-sonatype-com-3567 494 13 that that IN www-sonatype-com-3567 494 14 the the DT www-sonatype-com-3567 494 15 question question NN www-sonatype-com-3567 494 16 responses response NNS www-sonatype-com-3567 494 17 were be VBD www-sonatype-com-3567 494 18 strongly strongly RB www-sonatype-com-3567 494 19 correlated correlate VBN www-sonatype-com-3567 494 20 and and CC www-sonatype-com-3567 494 21 used use VBN www-sonatype-com-3567 494 22 principal principal JJ www-sonatype-com-3567 494 23 components component NNS www-sonatype-com-3567 494 24 analysis analysis NN www-sonatype-com-3567 494 25 to to TO www-sonatype-com-3567 494 26 perform perform VB www-sonatype-com-3567 494 27 the the DT www-sonatype-com-3567 494 28 dimensionality dimensionality NN www-sonatype-com-3567 494 29 reduction reduction NN www-sonatype-com-3567 494 30 . . . 
www-sonatype-com-3567 495 1 Independent independent JJ www-sonatype-com-3567 495 2 Variables variable NNS www-sonatype-com-3567 495 3 Measured measure VBN www-sonatype-com-3567 495 4 When when WRB www-sonatype-com-3567 495 5 Analyzing analyze VBG www-sonatype-com-3567 495 6 OSS OSS NNP www-sonatype-com-3567 495 7 Component Component NNP www-sonatype-com-3567 495 8 Use Use NNP www-sonatype-com-3567 495 9 in in IN www-sonatype-com-3567 495 10 Enterprises Enterprises NNP www-sonatype-com-3567 495 11 In in IN www-sonatype-com-3567 495 12 our -PRON- PRP$ www-sonatype-com-3567 495 13 survey survey NN www-sonatype-com-3567 495 14 of of IN www-sonatype-com-3567 495 15 over over IN www-sonatype-com-3567 495 16 600 600 CD www-sonatype-com-3567 495 17 development development NN www-sonatype-com-3567 495 18 professionals professional NNS www-sonatype-com-3567 495 19 to to TO www-sonatype-com-3567 495 20 assess assess VB www-sonatype-com-3567 495 21 how how WRB www-sonatype-com-3567 495 22 practices practice NNS www-sonatype-com-3567 495 23 and and CC www-sonatype-com-3567 495 24 outcomes outcome NNS www-sonatype-com-3567 495 25 related related JJ www-sonatype-com-3567 495 26 to to IN www-sonatype-com-3567 495 27 their -PRON- PRP$ www-sonatype-com-3567 495 28 use use NN www-sonatype-com-3567 495 29 of of IN www-sonatype-com-3567 495 30 open open JJ www-sonatype-com-3567 495 31 source source NN www-sonatype-com-3567 495 32 components component NNS www-sonatype-com-3567 495 33 , , , www-sonatype-com-3567 495 34 we -PRON- PRP www-sonatype-com-3567 495 35 mea- mea- VBP www-sonatype-com-3567 495 36 sured sure VBD www-sonatype-com-3567 495 37 the the DT www-sonatype-com-3567 495 38 following follow VBG www-sonatype-com-3567 495 39 factors factor NNS www-sonatype-com-3567 495 40 to to TO www-sonatype-com-3567 495 41 test test VB www-sonatype-com-3567 495 42 their -PRON- PRP$ www-sonatype-com-3567 495 43 effects effect NNS www-sonatype-com-3567 495 44 on on IN www-sonatype-com-3567 495 
45 the the DT www-sonatype-com-3567 495 46 independent independent JJ www-sonatype-com-3567 495 47 variables variable NNS www-sonatype-com-3567 495 48 described describe VBN www-sonatype-com-3567 495 49 above above RB www-sonatype-com-3567 495 50 : : : www-sonatype-com-3567 495 51 DEVELOPMENT development NN www-sonatype-com-3567 495 52 PRACTICES practice NNS www-sonatype-com-3567 495 53 Development development NN www-sonatype-com-3567 495 54 philosophy philosophy NN www-sonatype-com-3567 495 55 : : : www-sonatype-com-3567 495 56 the the DT www-sonatype-com-3567 495 57 general general JJ www-sonatype-com-3567 495 58 philosophy philosophy NN www-sonatype-com-3567 495 59 of of IN www-sonatype-com-3567 495 60 development development NN www-sonatype-com-3567 495 61 practice practice NN www-sonatype-com-3567 495 62 used use VBN www-sonatype-com-3567 495 63 by by IN www-sonatype-com-3567 495 64 your -PRON- PRP$ www-sonatype-com-3567 495 65 team team NN www-sonatype-com-3567 495 66 on on IN www-sonatype-com-3567 495 67 a a DT www-sonatype-com-3567 495 68 spectrum spectrum NN www-sonatype-com-3567 495 69 from from IN www-sonatype-com-3567 495 70 “ " `` www-sonatype-com-3567 495 71 waterfall waterfall NNP www-sonatype-com-3567 495 72 ” " '' www-sonatype-com-3567 495 73 to to TO www-sonatype-com-3567 495 74 “ " `` www-sonatype-com-3567 495 75 agile agile VB www-sonatype-com-3567 495 76 / / SYM www-sonatype-com-3567 495 77 DevOps DevOps NNP www-sonatype-com-3567 495 78 ” " '' www-sonatype-com-3567 495 79 Deployment Deployment NNP www-sonatype-com-3567 495 80 automation automation NN www-sonatype-com-3567 495 81 : : : www-sonatype-com-3567 495 82 to to IN www-sonatype-com-3567 495 83 what what WDT www-sonatype-com-3567 495 84 degree degree NN www-sonatype-com-3567 495 85 are be VBP www-sonatype-com-3567 495 86 your -PRON- PRP$ www-sonatype-com-3567 495 87 application application NN www-sonatype-com-3567 495 88 deploy- deploy- JJ www-sonatype-com-3567 495 89 ments ment NNS 
www-sonatype-com-3567 495 90 ( ( -LRB- www-sonatype-com-3567 495 91 and and CC www-sonatype-com-3567 495 92 configurations configuration NNS www-sonatype-com-3567 495 93 ) ) -RRB- www-sonatype-com-3567 495 94 automated automate VBD www-sonatype-com-3567 495 95 . . . www-sonatype-com-3567 496 1 BUILD BUILD NNP www-sonatype-com-3567 496 2 , , , www-sonatype-com-3567 496 3 TEST test NN www-sonatype-com-3567 496 4 , , , www-sonatype-com-3567 496 5 AND and CC www-sonatype-com-3567 496 6 RELEASE RELEASE NNP www-sonatype-com-3567 496 7 Confidence Confidence NNP www-sonatype-com-3567 496 8 in in IN www-sonatype-com-3567 496 9 automated automate VBN www-sonatype-com-3567 496 10 testing testing NN www-sonatype-com-3567 496 11 : : : www-sonatype-com-3567 496 12 To to IN www-sonatype-com-3567 496 13 what what WDT www-sonatype-com-3567 496 14 degree degree NN www-sonatype-com-3567 496 15 are be VBP www-sonatype-com-3567 496 16 you -PRON- PRP www-sonatype-com-3567 496 17 confident confident JJ www-sonatype-com-3567 496 18 that that IN www-sonatype-com-3567 496 19 when when WRB www-sonatype-com-3567 496 20 the the DT www-sonatype-com-3567 496 21 automated automate VBN www-sonatype-com-3567 496 22 tests test NNS www-sonatype-com-3567 496 23 pass pass VBP www-sonatype-com-3567 496 24 the the DT www-sonatype-com-3567 496 25 application application NN www-sonatype-com-3567 496 26 will will MD www-sonatype-com-3567 496 27 operate operate VB www-sonatype-com-3567 496 28 as as IN www-sonatype-com-3567 496 29 intended intend VBN www-sonatype-com-3567 496 30 in in IN www-sonatype-com-3567 496 31 production production NN www-sonatype-com-3567 496 32 . . . 
www-sonatype-com-3567 497 1 Scheduled schedule VBN www-sonatype-com-3567 497 2 dependency dependency NN www-sonatype-com-3567 497 3 updates update NNS www-sonatype-com-3567 497 4 : : : www-sonatype-com-3567 497 5 To to TO www-sonatype-com-3567 497 6 what what WDT www-sonatype-com-3567 497 7 degree degree NN www-sonatype-com-3567 497 8 is be VBZ www-sonatype-com-3567 497 9 updating update VBG www-sonatype-com-3567 497 10 open open JJ www-sonatype-com-3567 497 11 source source NN www-sonatype-com-3567 497 12 dependencies dependency NNS www-sonatype-com-3567 497 13 scheduled schedule VBN www-sonatype-com-3567 497 14 as as IN www-sonatype-com-3567 497 15 part part NN www-sonatype-com-3567 497 16 of of IN www-sonatype-com-3567 497 17 your -PRON- PRP$ www-sonatype-com-3567 497 18 regular regular JJ www-sonatype-com-3567 497 19 work work NN www-sonatype-com-3567 497 20 . . . www-sonatype-com-3567 498 1 Scheduled schedule VBN www-sonatype-com-3567 498 2 patching patching NN www-sonatype-com-3567 498 3 : : : www-sonatype-com-3567 498 4 To to IN www-sonatype-com-3567 498 5 what what WDT www-sonatype-com-3567 498 6 degree degree NN www-sonatype-com-3567 498 7 is be VBZ www-sonatype-com-3567 498 8 remediation remediation NN www-sonatype-com-3567 498 9 of of IN www-sonatype-com-3567 498 10 security security NN www-sonatype-com-3567 498 11 issues issue NNS www-sonatype-com-3567 498 12 treated treat VBN www-sonatype-com-3567 498 13 as as IN www-sonatype-com-3567 498 14 a a DT www-sonatype-com-3567 498 15 regular regular JJ www-sonatype-com-3567 498 16 part part NN www-sonatype-com-3567 498 17 of of IN www-sonatype-com-3567 498 18 development development NN www-sonatype-com-3567 498 19 work work NN www-sonatype-com-3567 498 20 ( ( -LRB- www-sonatype-com-3567 498 21 i.e. i.e. 
FW www-sonatype-com-3567 498 22 , , , www-sonatype-com-3567 498 23 security security NN www-sonatype-com-3567 498 24 issues issue NNS www-sonatype-com-3567 498 25 are be VBP www-sonatype-com-3567 498 26 treated treat VBN www-sonatype-com-3567 498 27 as as IN www-sonatype-com-3567 498 28 normal normal JJ www-sonatype-com-3567 498 29 defects defect NNS www-sonatype-com-3567 498 30 ) ) -RRB- www-sonatype-com-3567 498 31 . . . www-sonatype-com-3567 499 1 Static static JJ www-sonatype-com-3567 499 2 analysis analysis NN www-sonatype-com-3567 499 3 tools tool NNS www-sonatype-com-3567 499 4 : : : www-sonatype-com-3567 499 5 To to IN www-sonatype-com-3567 499 6 what what WDT www-sonatype-com-3567 499 7 degree degree NN www-sonatype-com-3567 499 8 are be VBP www-sonatype-com-3567 499 9 the the DT www-sonatype-com-3567 499 10 output output NN www-sonatype-com-3567 499 11 of of IN www-sonatype-com-3567 499 12 static static JJ www-sonatype-com-3567 499 13 analysis analysis NN www-sonatype-com-3567 499 14 tools tool NNS www-sonatype-com-3567 499 15 ( ( -LRB- www-sonatype-com-3567 499 16 e.g. e.g. RB www-sonatype-com-3567 499 17 , , , www-sonatype-com-3567 499 18 Checkmarx Checkmarx NNP www-sonatype-com-3567 499 19 , , , www-sonatype-com-3567 499 20 Coverity Coverity NNP www-sonatype-com-3567 499 21 , , , www-sonatype-com-3567 499 22 Fortify Fortify NNP www-sonatype-com-3567 499 23 , , , www-sonatype-com-3567 499 24 etc etc FW www-sonatype-com-3567 499 25 . . . www-sonatype-com-3567 499 26 ) ) -RRB- www-sonatype-com-3567 500 1 integrated integrate VBN www-sonatype-com-3567 500 2 into into IN www-sonatype-com-3567 500 3 your -PRON- PRP$ www-sonatype-com-3567 500 4 daily daily JJ www-sonatype-com-3567 500 5 development development NN www-sonatype-com-3567 500 6 workflows workflow NNS www-sonatype-com-3567 500 7 . . . 
www-sonatype-com-3567 501 1 Artifact artifact JJ www-sonatype-com-3567 501 2 repository repository NN www-sonatype-com-3567 501 3 centralization centralization NN www-sonatype-com-3567 501 4 : : : www-sonatype-com-3567 501 5 To to IN www-sonatype-com-3567 501 6 what what WDT www-sonatype-com-3567 501 7 degree degree NN www-sonatype-com-3567 501 8 can can MD www-sonatype-com-3567 501 9 you -PRON- PRP www-sonatype-com-3567 501 10 centrally centrally RB www-sonatype-com-3567 501 11 analyze analyze VB www-sonatype-com-3567 501 12 all all DT www-sonatype-com-3567 501 13 your -PRON- PRP$ www-sonatype-com-3567 501 14 deployed deploy VBN www-sonatype-com-3567 501 15 artifacts artifact NNS www-sonatype-com-3567 501 16 ( ( -LRB- www-sonatype-com-3567 501 17 e.g. e.g. RB www-sonatype-com-3567 501 18 , , , www-sonatype-com-3567 501 19 executable executable JJ www-sonatype-com-3567 501 20 binaries binary NNS www-sonatype-com-3567 501 21 , , , www-sonatype-com-3567 501 22 Docker Docker NNP www-sonatype-com-3567 501 23 containers container NNS www-sonatype-com-3567 501 24 , , , www-sonatype-com-3567 501 25 infrastructure infrastructure NN www-sonatype-com-3567 501 26 as as IN www-sonatype-com-3567 501 27 code code NN www-sonatype-com-3567 501 28 , , , www-sonatype-com-3567 501 29 etc etc FW www-sonatype-com-3567 501 30 . . . www-sonatype-com-3567 501 31 ) ) -RRB- www-sonatype-com-3567 502 1 for for IN www-sonatype-com-3567 502 2 open open JJ www-sonatype-com-3567 502 3 source source NN www-sonatype-com-3567 502 4 governance governance NN www-sonatype-com-3567 502 5 compliance compliance NN www-sonatype-com-3567 502 6 . . . 
www-sonatype-com-3567 503 1 OSS OSS NNP www-sonatype-com-3567 503 2 SUPPLIERS SUPPLIERS NNPS www-sonatype-com-3567 503 3 OSS OSS NNP www-sonatype-com-3567 503 4 selection selection NN www-sonatype-com-3567 503 5 criteria criterion NNS www-sonatype-com-3567 503 6 : : : www-sonatype-com-3567 503 7 What what WDT www-sonatype-com-3567 503 8 factors factor NNS www-sonatype-com-3567 503 9 are be VBP www-sonatype-com-3567 503 10 considered consider VBN www-sonatype-com-3567 503 11 when when WRB www-sonatype-com-3567 503 12 you -PRON- PRP www-sonatype-com-3567 503 13 decide decide VBP www-sonatype-com-3567 503 14 whether whether IN www-sonatype-com-3567 503 15 to to TO www-sonatype-com-3567 503 16 use use VB www-sonatype-com-3567 503 17 an an DT www-sonatype-com-3567 503 18 OSS oss NN www-sonatype-com-3567 503 19 component component NN www-sonatype-com-3567 503 20 , , , www-sonatype-com-3567 503 21 specifically specifically RB www-sonatype-com-3567 503 22 popularity popularity NN www-sonatype-com-3567 503 23 , , , www-sonatype-com-3567 503 24 feature feature NN www-sonatype-com-3567 503 25 set set VBN www-sonatype-com-3567 503 26 , , , www-sonatype-com-3567 503 27 ease ease NN www-sonatype-com-3567 503 28 of of IN www-sonatype-com-3567 503 29 integration integration NN www-sonatype-com-3567 503 30 , , , www-sonatype-com-3567 503 31 security security NN www-sonatype-com-3567 503 32 history history NN www-sonatype-com-3567 503 33 ( ( -LRB- www-sonatype-com-3567 503 34 e.g. e.g. 
RB www-sonatype-com-3567 504 1 have have VBP www-sonatype-com-3567 504 2 there there EX www-sonatype-com-3567 504 3 been be VBN www-sonatype-com-3567 504 4 multiple multiple JJ www-sonatype-com-3567 504 5 high high JJ www-sonatype-com-3567 504 6 - - HYPH www-sonatype-com-3567 504 7 risk risk NN www-sonatype-com-3567 504 8 CVEs cf NNS www-sonatype-com-3567 504 9 ) ) -RRB- www-sonatype-com-3567 504 10 , , , www-sonatype-com-3567 504 11 rate rate NN www-sonatype-com-3567 504 12 of of IN www-sonatype-com-3567 504 13 fixes fix NNS www-sonatype-com-3567 504 14 ( ( -LRB- www-sonatype-com-3567 504 15 frequency frequency NN www-sonatype-com-3567 504 16 of of IN www-sonatype-com-3567 504 17 security security NN www-sonatype-com-3567 504 18 and and CC www-sonatype-com-3567 504 19 bug bug NN www-sonatype-com-3567 504 20 fixes fix NNS www-sonatype-com-3567 504 21 ) ) -RRB- www-sonatype-com-3567 504 22 , , , www-sonatype-com-3567 504 23 OSS oss NN www-sonatype-com-3567 504 24 license license NN www-sonatype-com-3567 504 25 , , , www-sonatype-com-3567 504 26 commercially commercially RB www-sonatype-com-3567 504 27 available available JJ www-sonatype-com-3567 504 28 support support NN www-sonatype-com-3567 504 29 , , , www-sonatype-com-3567 504 30 and and CC www-sonatype-com-3567 504 31 foundation foundation NN www-sonatype-com-3567 504 32 / / SYM www-sonatype-com-3567 504 33 corporate corporate JJ www-sonatype-com-3567 504 34 sponsorship sponsorship NN www-sonatype-com-3567 504 35 . . . 
www-sonatype-com-3567 505 1 OSS oss NN www-sonatype-com-3567 505 2 PHILOSOPHY PHILOSOPHY NNS www-sonatype-com-3567 505 3 Process Process NNP www-sonatype-com-3567 505 4 to to TO www-sonatype-com-3567 505 5 add add VB www-sonatype-com-3567 505 6 OSS oss NN www-sonatype-com-3567 505 7 components component NNS www-sonatype-com-3567 505 8 : : : www-sonatype-com-3567 505 9 The the DT www-sonatype-com-3567 505 10 degree degree NN www-sonatype-com-3567 505 11 to to TO www-sonatype-com-3567 505 12 which which WDT www-sonatype-com-3567 505 13 you -PRON- PRP www-sonatype-com-3567 505 14 use use VBP www-sonatype-com-3567 505 15 a a DT www-sonatype-com-3567 505 16 well well RB www-sonatype-com-3567 505 17 - - HYPH www-sonatype-com-3567 505 18 defined define VBN www-sonatype-com-3567 505 19 process process NN www-sonatype-com-3567 505 20 to to TO www-sonatype-com-3567 505 21 add add VB www-sonatype-com-3567 505 22 new new JJ www-sonatype-com-3567 505 23 dependencies dependency NNS www-sonatype-com-3567 505 24 to to IN www-sonatype-com-3567 505 25 an an DT www-sonatype-com-3567 505 26 application application NN www-sonatype-com-3567 505 27 ( ( -LRB- www-sonatype-com-3567 505 28 e.g. e.g. RB www-sonatype-com-3567 505 29 , , , www-sonatype-com-3567 505 30 evaluate evaluate VB www-sonatype-com-3567 505 31 , , , www-sonatype-com-3567 505 32 approve approve VB www-sonatype-com-3567 505 33 , , , www-sonatype-com-3567 505 34 standardize standardize VB www-sonatype-com-3567 505 35 , , , www-sonatype-com-3567 505 36 etc etc FW www-sonatype-com-3567 505 37 . . . www-sonatype-com-3567 505 38 ) ) -RRB- www-sonatype-com-3567 505 39 . . . 
www-sonatype-com-3567 506 1 Process process NN www-sonatype-com-3567 506 2 to to TO www-sonatype-com-3567 506 3 remove remove VB www-sonatype-com-3567 506 4 OSS oss NN www-sonatype-com-3567 506 5 components component NNS www-sonatype-com-3567 506 6 : : : www-sonatype-com-3567 506 7 The the DT www-sonatype-com-3567 506 8 degree degree NN www-sonatype-com-3567 506 9 to to TO www-sonatype-com-3567 506 10 which which WDT www-sonatype-com-3567 506 11 do do VBP www-sonatype-com-3567 506 12 you -PRON- PRP www-sonatype-com-3567 506 13 use use VB www-sonatype-com-3567 506 14 a a DT www-sonatype-com-3567 506 15 well well RB www-sonatype-com-3567 506 16 - - HYPH www-sonatype-com-3567 506 17 defined define VBN www-sonatype-com-3567 506 18 process process NN www-sonatype-com-3567 506 19 to to TO www-sonatype-com-3567 506 20 proactively proactively RB www-sonatype-com-3567 506 21 remove remove VB www-sonatype-com-3567 506 22 problematic problematic JJ www-sonatype-com-3567 506 23 dependencies dependency NNS www-sonatype-com-3567 506 24 . . . 
www-sonatype-com-3567 507 1 OSS oss NN www-sonatype-com-3567 507 2 enlightenment enlightenment NN www-sonatype-com-3567 507 3 : : : www-sonatype-com-3567 507 4 The the DT www-sonatype-com-3567 507 5 degree degree NN www-sonatype-com-3567 507 6 to to TO www-sonatype-com-3567 507 7 which which WDT www-sonatype-com-3567 507 8 OSS OSS NNP www-sonatype-com-3567 507 9 is be VBZ www-sonatype-com-3567 507 10 supported support VBN www-sonatype-com-3567 507 11 within within IN www-sonatype-com-3567 507 12 the the DT www-sonatype-com-3567 507 13 orga- orga- JJ www-sonatype-com-3567 507 14 nization nization NN www-sonatype-com-3567 507 15 , , , www-sonatype-com-3567 507 16 as as IN www-sonatype-com-3567 507 17 measured measure VBN www-sonatype-com-3567 507 18 by by IN www-sonatype-com-3567 507 19 the the DT www-sonatype-com-3567 507 20 following follow VBG www-sonatype-com-3567 507 21 : : : www-sonatype-com-3567 507 22 ⊲ ⊲ CD www-sonatype-com-3567 507 23 For for IN www-sonatype-com-3567 507 24 company company NN www-sonatype-com-3567 507 25 - - HYPH www-sonatype-com-3567 507 26 sponsored sponsor VBN www-sonatype-com-3567 507 27 OSS oss NN www-sonatype-com-3567 507 28 projects project NNS www-sonatype-com-3567 507 29 , , , www-sonatype-com-3567 507 30 to to IN www-sonatype-com-3567 507 31 what what WDT www-sonatype-com-3567 507 32 degree degree NN www-sonatype-com-3567 507 33 are be VBP www-sonatype-com-3567 507 34 external external JJ www-sonatype-com-3567 507 35 contributions contribution NNS www-sonatype-com-3567 507 36 allowed allow VBN www-sonatype-com-3567 507 37 ? ? . 
www-sonatype-com-3567 508 1 ⊲ ⊲ NNS www-sonatype-com-3567 508 2 To to TO www-sonatype-com-3567 508 3 what what WDT www-sonatype-com-3567 508 4 degree degree NN www-sonatype-com-3567 508 5 does do VBZ www-sonatype-com-3567 508 6 your -PRON- PRP$ www-sonatype-com-3567 508 7 organization organization NN www-sonatype-com-3567 508 8 require require VB www-sonatype-com-3567 508 9 that that IN www-sonatype-com-3567 508 10 all all DT www-sonatype-com-3567 508 11 internal internal JJ www-sonatype-com-3567 508 12 modifications modification NNS www-sonatype-com-3567 508 13 to to TO www-sonatype-com-3567 508 14 open open VB www-sonatype-com-3567 508 15 source source NN www-sonatype-com-3567 508 16 components component NNS www-sonatype-com-3567 508 17 be be VB www-sonatype-com-3567 508 18 contrib- contrib- VBN www-sonatype-com-3567 508 19 uted uted JJ www-sonatype-com-3567 508 20 back back RB www-sonatype-com-3567 508 21 ( ( -LRB- www-sonatype-com-3567 508 22 i.e. i.e. FW www-sonatype-com-3567 508 23 , , , www-sonatype-com-3567 508 24 “ " `` www-sonatype-com-3567 508 25 pushed push VBD www-sonatype-com-3567 508 26 upstream upstream NNP www-sonatype-com-3567 508 27 ” " '' www-sonatype-com-3567 508 28 ) ) -RRB- www-sonatype-com-3567 508 29 ? ? . 
www-sonatype-com-3567 509 1 ⊲ ⊲ NNS www-sonatype-com-3567 509 2 To to TO www-sonatype-com-3567 509 3 what what WDT www-sonatype-com-3567 509 4 degree degree NN www-sonatype-com-3567 509 5 does do VBZ www-sonatype-com-3567 509 6 your -PRON- PRP$ www-sonatype-com-3567 509 7 leadership leadership NN www-sonatype-com-3567 509 8 support support NN www-sonatype-com-3567 509 9 contributing contribute VBG www-sonatype-com-3567 509 10 back back RB www-sonatype-com-3567 509 11 to to IN www-sonatype-com-3567 509 12 open open JJ www-sonatype-com-3567 509 13 source source NN www-sonatype-com-3567 509 14 components component NNS www-sonatype-com-3567 509 15 we -PRON- PRP www-sonatype-com-3567 509 16 use use VBP www-sonatype-com-3567 509 17 ( ( -LRB- www-sonatype-com-3567 509 18 e.g. e.g. RB www-sonatype-com-3567 509 19 , , , www-sonatype-com-3567 509 20 engi- engi- XX www-sonatype-com-3567 509 21 neering neering JJ www-sonatype-com-3567 509 22 time time NN www-sonatype-com-3567 509 23 , , , www-sonatype-com-3567 509 24 budget budget NN www-sonatype-com-3567 509 25 , , , www-sonatype-com-3567 509 26 conferences conference NNS www-sonatype-com-3567 509 27 ) ) -RRB- www-sonatype-com-3567 509 28 ? ? . 
www-sonatype-com-3567 510 1 ORGANIZATION ORGANIZATION NNP www-sonatype-com-3567 510 2 AND and CC www-sonatype-com-3567 510 3 POLICY POLICY NNP www-sonatype-com-3567 510 4 Centralization Centralization NNP www-sonatype-com-3567 510 5 of of IN www-sonatype-com-3567 510 6 asset asset NN www-sonatype-com-3567 510 7 management management NN www-sonatype-com-3567 510 8 : : : www-sonatype-com-3567 510 9 The the DT www-sonatype-com-3567 510 10 degree degree NN www-sonatype-com-3567 510 11 to to TO www-sonatype-com-3567 510 12 which which WDT www-sonatype-com-3567 510 13 there there EX www-sonatype-com-3567 510 14 is be VBZ www-sonatype-com-3567 510 15 centralized centralize VBN www-sonatype-com-3567 510 16 tracking tracking NN www-sonatype-com-3567 510 17 for for IN www-sonatype-com-3567 510 18 every every DT www-sonatype-com-3567 510 19 deployed deploy VBN www-sonatype-com-3567 510 20 application application NN www-sonatype-com-3567 510 21 , , , www-sonatype-com-3567 510 22 its -PRON- PRP$ www-sonatype-com-3567 510 23 open open JJ www-sonatype-com-3567 510 24 source source NN www-sonatype-com-3567 510 25 dependencies dependency NNS www-sonatype-com-3567 510 26 , , , www-sonatype-com-3567 510 27 and and CC www-sonatype-com-3567 510 28 ability ability NN www-sonatype-com-3567 510 29 to to TO www-sonatype-com-3567 510 30 contact contact VB www-sonatype-com-3567 510 31 the the DT www-sonatype-com-3567 510 32 application application NN www-sonatype-com-3567 510 33 team team NN www-sonatype-com-3567 510 34 members member NNS www-sonatype-com-3567 510 35 . . . 
www-sonatype-com-3567 511 1 Centralized centralized JJ www-sonatype-com-3567 511 2 OSS oss NN www-sonatype-com-3567 511 3 governance governance NN www-sonatype-com-3567 511 4 : : : www-sonatype-com-3567 511 5 The the DT www-sonatype-com-3567 511 6 degree degree NN www-sonatype-com-3567 511 7 to to TO www-sonatype-com-3567 511 8 which which WDT www-sonatype-com-3567 511 9 there there EX www-sonatype-com-3567 511 10 is be VBZ www-sonatype-com-3567 511 11 a a DT www-sonatype-com-3567 511 12 centralized centralized JJ www-sonatype-com-3567 511 13 committee committee NN www-sonatype-com-3567 511 14 / / SYM www-sonatype-com-3567 511 15 group group NNP www-sonatype-com-3567 511 16 / / SYM www-sonatype-com-3567 511 17 team team NN www-sonatype-com-3567 511 18 that that WDT www-sonatype-com-3567 511 19 is be VBZ www-sonatype-com-3567 511 20 responsi- responsi- FW www-sonatype-com-3567 511 21 ble ble NNP www-sonatype-com-3567 511 22 for for IN www-sonatype-com-3567 511 23 monitoring monitor VBG www-sonatype-com-3567 511 24 and and CC www-sonatype-com-3567 511 25 enforcing enforce VBG www-sonatype-com-3567 511 26 open open JJ www-sonatype-com-3567 511 27 source source NN www-sonatype-com-3567 511 28 component component NN www-sonatype-com-3567 511 29 governance governance NN www-sonatype-com-3567 511 30 ( ( -LRB- www-sonatype-com-3567 511 31 e.g. e.g. RB www-sonatype-com-3567 511 32 , , , www-sonatype-com-3567 511 33 security security NN www-sonatype-com-3567 511 34 , , , www-sonatype-com-3567 511 35 licensing licensing NN www-sonatype-com-3567 511 36 ) ) -RRB- www-sonatype-com-3567 511 37 . . . 
www-sonatype-com-3567 512 1 OSS oss NN www-sonatype-com-3567 512 2 enforcement enforcement NN www-sonatype-com-3567 512 3 via via IN www-sonatype-com-3567 512 4 automated automate VBN www-sonatype-com-3567 512 5 CI CI NNP www-sonatype-com-3567 512 6 : : : www-sonatype-com-3567 512 7 The the DT www-sonatype-com-3567 512 8 degree degree NN www-sonatype-com-3567 512 9 to to TO www-sonatype-com-3567 512 10 which which WDT www-sonatype-com-3567 512 11 you -PRON- PRP www-sonatype-com-3567 512 12 enforce enforce VBP www-sonatype-com-3567 512 13 open open JJ www-sonatype-com-3567 512 14 source source NN www-sonatype-com-3567 512 15 component component NN www-sonatype-com-3567 512 16 governance governance NN www-sonatype-com-3567 512 17 ( ( -LRB- www-sonatype-com-3567 512 18 e.g. e.g. RB www-sonatype-com-3567 512 19 , , , www-sonatype-com-3567 512 20 security security NN www-sonatype-com-3567 512 21 , , , www-sonatype-com-3567 512 22 licensing licensing NN www-sonatype-com-3567 512 23 ) ) -RRB- www-sonatype-com-3567 512 24 through through IN www-sonatype-com-3567 512 25 your -PRON- PRP$ www-sonatype-com-3567 512 26 CI ci NN www-sonatype-com-3567 512 27 infrastructure infrastructure NN www-sonatype-com-3567 512 28 . . . www-sonatype-com-3567 513 1 OSS oss NN www-sonatype-com-3567 513 2 governance governance NN www-sonatype-com-3567 513 3 enforcement enforcement NN www-sonatype-com-3567 513 4 : : : www-sonatype-com-3567 513 5 The the DT www-sonatype-com-3567 513 6 degree degree NN www-sonatype-com-3567 513 7 to to TO www-sonatype-com-3567 513 8 which which WDT www-sonatype-com-3567 513 9 the the DT www-sonatype-com-3567 513 10 open open JJ www-sonatype-com-3567 513 11 source source NN www-sonatype-com-3567 513 12 approval approval NN www-sonatype-com-3567 513 13 process process NN www-sonatype-com-3567 513 14 is be VBZ www-sonatype-com-3567 513 15 consistently consistently RB www-sonatype-com-3567 513 16 followed follow VBN www-sonatype-com-3567 513 17 . . . 
www-sonatype-com-3567 514 1 432020 432020 CD www-sonatype-com-3567 514 2 STATE STATE NNP www-sonatype-com-3567 514 3 OF of IN www-sonatype-com-3567 514 4 THE the DT www-sonatype-com-3567 514 5 SOFTWARE SOFTWARE NNP www-sonatype-com-3567 514 6 SUPPLY supply NN www-sonatype-com-3567 514 7 CHAIN CHAIN NNP www-sonatype-com-3567 514 8 REPORT REPORT NNP www-sonatype-com-3567 514 9 Headquarters headquarters NN www-sonatype-com-3567 514 10 8161 8161 CD www-sonatype-com-3567 514 11 Maple Maple NNP www-sonatype-com-3567 514 12 Lawn Lawn NNP www-sonatype-com-3567 514 13 Blvd Blvd NNP www-sonatype-com-3567 514 14 , , , www-sonatype-com-3567 514 15 Suite Suite NNP www-sonatype-com-3567 514 16 250 250 CD www-sonatype-com-3567 514 17 Fulton Fulton NNP www-sonatype-com-3567 514 18 , , , www-sonatype-com-3567 514 19 MD MD NNP www-sonatype-com-3567 514 20 20759 20759 CD www-sonatype-com-3567 514 21 USA USA NNP www-sonatype-com-3567 514 22 • • NNP www-sonatype-com-3567 514 23 1.877.866.2836 1.877.866.2836 CD www-sonatype-com-3567 514 24 European European NNP www-sonatype-com-3567 514 25 Office Office NNP www-sonatype-com-3567 514 26 199 199 CD www-sonatype-com-3567 514 27 Bishopsgate Bishopsgate NNP www-sonatype-com-3567 514 28 London London NNP www-sonatype-com-3567 514 29 EC2 EC2 NNP www-sonatype-com-3567 514 30 M M NNP www-sonatype-com-3567 514 31 3TY 3ty CD www-sonatype-com-3567 514 32 United United NNP www-sonatype-com-3567 514 33 Kingdom Kingdom NNP www-sonatype-com-3567 514 34 APAC APAC NNP www-sonatype-com-3567 514 35 Office Office NNP www-sonatype-com-3567 514 36 5 5 CD www-sonatype-com-3567 514 37 Martin Martin NNP www-sonatype-com-3567 514 38 Place Place NNP www-sonatype-com-3567 514 39 , , , www-sonatype-com-3567 514 40 Level Level NNP www-sonatype-com-3567 514 41 14 14 CD www-sonatype-com-3567 514 42 Sydney Sydney NNP www-sonatype-com-3567 514 43 2000 2000 CD www-sonatype-com-3567 514 44 , , , www-sonatype-com-3567 514 45 NSW NSW NNP www-sonatype-com-3567 514 46 
Australia Australia NNP www-sonatype-com-3567 514 47 Sonatype Sonatype NNP www-sonatype-com-3567 514 48 Inc. Inc. NNP www-sonatype-com-3567 514 49 www.sonatype.com www.sonatype.com NN www-sonatype-com-3567 514 50 Copyright copyright NN www-sonatype-com-3567 514 51 2020 2020 CD www-sonatype-com-3567 514 52 All all DT www-sonatype-com-3567 514 53 Rights Rights NNPS www-sonatype-com-3567 514 54 Reserved reserve VBN www-sonatype-com-3567 514 55 . . . www-sonatype-com-3567 515 1 Sonatype sonatype NN www-sonatype-com-3567 515 2 is be VBZ www-sonatype-com-3567 515 3 the the DT www-sonatype-com-3567 515 4 leader leader NN www-sonatype-com-3567 515 5 in in IN www-sonatype-com-3567 515 6 software software NN www-sonatype-com-3567 515 7 supply supply NN www-sonatype-com-3567 515 8 chain chain NN www-sonatype-com-3567 515 9 automation automation NN www-sonatype-com-3567 515 10 technology technology NN www-sonatype-com-3567 515 11 with with IN www-sonatype-com-3567 515 12 more more JJR www-sonatype-com-3567 515 13 than than IN www-sonatype-com-3567 515 14 300 300 CD www-sonatype-com-3567 515 15 employees employee NNS www-sonatype-com-3567 515 16 , , , www-sonatype-com-3567 515 17 over over IN www-sonatype-com-3567 515 18 1,000 1,000 CD www-sonatype-com-3567 515 19 enterprise enterprise NN www-sonatype-com-3567 515 20 customers customer NNS www-sonatype-com-3567 515 21 , , , www-sonatype-com-3567 515 22 and and CC www-sonatype-com-3567 515 23 is be VBZ www-sonatype-com-3567 515 24 trusted trust VBN www-sonatype-com-3567 515 25 by by IN www-sonatype-com-3567 515 26 over over IN www-sonatype-com-3567 515 27 10 10 CD www-sonatype-com-3567 515 28   _SP www-sonatype-com-3567 515 29 million million CD www-sonatype-com-3567 515 30 software software NN www-sonatype-com-3567 515 31 developers developer NNS www-sonatype-com-3567 515 32 . . . 
www-sonatype-com-3567 516 1 Sonatype Sonatype NNP www-sonatype-com-3567 516 2 ’s ’s POS www-sonatype-com-3567 516 3 Nexus Nexus NNP www-sonatype-com-3567 516 4 platform platform NN www-sonatype-com-3567 516 5 enables enable VBZ www-sonatype-com-3567 516 6 DevOps DevOps NNP www-sonatype-com-3567 516 7 teams team NNS www-sonatype-com-3567 516 8 and and CC www-sonatype-com-3567 516 9 developers developer NNS www-sonatype-com-3567 516 10 to to TO www-sonatype-com-3567 516 11 automatically automatically RB www-sonatype-com-3567 516 12 integrate integrate VB www-sonatype-com-3567 516 13 security security NN www-sonatype-com-3567 516 14 at at IN www-sonatype-com-3567 516 15 every every DT www-sonatype-com-3567 516 16 stage stage NN www-sonatype-com-3567 516 17 of of IN www-sonatype-com-3567 516 18 the the DT www-sonatype-com-3567 516 19 modern modern JJ www-sonatype-com-3567 516 20 development development NN www-sonatype-com-3567 516 21 pipeline pipeline NN www-sonatype-com-3567 516 22 by by IN www-sonatype-com-3567 516 23 combining combine VBG www-sonatype-com-3567 516 24 in in IN www-sonatype-com-3567 516 25 - - HYPH www-sonatype-com-3567 516 26 depth depth NN www-sonatype-com-3567 516 27 component component NN www-sonatype-com-3567 516 28 intelligence intelligence NN www-sonatype-com-3567 516 29 with with IN www-sonatype-com-3567 516 30 real real JJ www-sonatype-com-3567 516 31 - - HYPH www-sonatype-com-3567 516 32 time time NN www-sonatype-com-3567 516 33 remediation remediation NN www-sonatype-com-3567 516 34 guidance guidance NN www-sonatype-com-3567 516 35 . . . 
www-sonatype-com-3567 517 1 For for IN www-sonatype-com-3567 517 2 more more JJR www-sonatype-com-3567 517 3 information information NN www-sonatype-com-3567 517 4 , , , www-sonatype-com-3567 517 5 please please UH www-sonatype-com-3567 517 6 visit visit VB www-sonatype-com-3567 517 7 Sonatype.com Sonatype.com NNP www-sonatype-com-3567 517 8 , , , www-sonatype-com-3567 517 9 or or CC www-sonatype-com-3567 517 10 connect connect VB www-sonatype-com-3567 517 11 with with IN www-sonatype-com-3567 517 12 us -PRON- PRP www-sonatype-com-3567 517 13 on on IN www-sonatype-com-3567 517 14 Facebook Facebook NNP www-sonatype-com-3567 517 15 , , , www-sonatype-com-3567 517 16 Twitter Twitter NNP www-sonatype-com-3567 517 17 , , , www-sonatype-com-3567 517 18 or or CC www-sonatype-com-3567 517 19 LinkedIn LinkedIn NNP www-sonatype-com-3567 517 20 . . .
CC www-sonatype-com-3567 518 164 Integrity Integrity NNP www-sonatype-com-3567 518 165 of of IN www-sonatype-com-3567 518 166 Software Software NNP www-sonatype-com-3567 518 167 Supply Supply NNP www-sonatype-com-3567 518 168 Chains Chains NNPS www-sonatype-com-3567 518 169 1 1 CD www-sonatype-com-3567 518 170 in in IN www-sonatype-com-3567 518 171 10 10 CD www-sonatype-com-3567 518 172 OSS oss NN www-sonatype-com-3567 518 173 Downloads download NNS www-sonatype-com-3567 518 174 Are be VBP www-sonatype-com-3567 518 175 Vulnerable vulnerable JJ www-sonatype-com-3567 518 176 Enterprises enterprise NNS www-sonatype-com-3567 518 177 Rely rely VBP www-sonatype-com-3567 518 178 on on IN www-sonatype-com-3567 518 179 Code Code NNP www-sonatype-com-3567 518 180 from from IN www-sonatype-com-3567 518 181 3,500 3,500 CD www-sonatype-com-3567 518 182 Suppliers Suppliers NNPS www-sonatype-com-3567 518 183 , , , www-sonatype-com-3567 518 184 But but CC www-sonatype-com-3567 518 185 Quality Quality NNP www-sonatype-com-3567 518 186 Varies Varies NNPS www-sonatype-com-3567 518 187 OSS OSS NNP www-sonatype-com-3567 518 188 Components component NNS www-sonatype-com-3567 518 189 Make make VBP www-sonatype-com-3567 518 190 Up up RP www-sonatype-com-3567 518 191 90 90 CD www-sonatype-com-3567 518 192 % % NN www-sonatype-com-3567 518 193 of of IN www-sonatype-com-3567 518 194 a a DT www-sonatype-com-3567 518 195 Modern Modern NNP www-sonatype-com-3567 518 196 Application Application NNP www-sonatype-com-3567 518 197 21 21 CD www-sonatype-com-3567 518 198 % % NN www-sonatype-com-3567 518 199 of of IN www-sonatype-com-3567 518 200 Enterprises Enterprises NNP www-sonatype-com-3567 518 201 Experienced experience VBD www-sonatype-com-3567 518 202 Open Open NNP www-sonatype-com-3567 518 203 Source source NN www-sonatype-com-3567 518 204 Breaches Breaches NNP www-sonatype-com-3567 518 205 Chapter chapter NN www-sonatype-com-3567 518 206 6 6 CD www-sonatype-com-3567 518 207 The the DT 
www-sonatype-com-3567 518 208 Changing change VBG www-sonatype-com-3567 518 209 OSS oss NN www-sonatype-com-3567 518 210 Landscape Landscape NNP www-sonatype-com-3567 518 211 : : : www-sonatype-com-3567 518 212 Social Social NNP www-sonatype-com-3567 518 213 Activism Activism NNP www-sonatype-com-3567 518 214 and and CC www-sonatype-com-3567 518 215 Government Government NNP www-sonatype-com-3567 518 216 Standards Standards NNP www-sonatype-com-3567 518 217 Social Social NNP www-sonatype-com-3567 518 218 Activism Activism NNP www-sonatype-com-3567 518 219 and and CC www-sonatype-com-3567 518 220 Open Open NNP www-sonatype-com-3567 518 221 Source source NN www-sonatype-com-3567 518 222 Software software NN www-sonatype-com-3567 518 223 Governments government NNS www-sonatype-com-3567 518 224 Apply apply VBP www-sonatype-com-3567 518 225 New New NNP www-sonatype-com-3567 518 226 Standards Standards NNPS www-sonatype-com-3567 518 227 to to TO www-sonatype-com-3567 518 228 Secure Secure NNP www-sonatype-com-3567 518 229 Software Software NNP www-sonatype-com-3567 518 230 Supply Supply NNP www-sonatype-com-3567 518 231 Chains chain NNS www-sonatype-com-3567 518 232 United United NNP www-sonatype-com-3567 518 233 States States NNP www-sonatype-com-3567 518 234 United United NNP www-sonatype-com-3567 518 235 Kingdom Kingdom NNP www-sonatype-com-3567 518 236 Australia Australia NNP www-sonatype-com-3567 518 237 Summary Summary NNP www-sonatype-com-3567 518 238 Sources Sources NNPS www-sonatype-com-3567 518 239 Appendix Appendix NNP www-sonatype-com-3567 518 240 A a DT www-sonatype-com-3567 518 241 Appendix Appendix NNP www-sonatype-com-3567 518 242 B b NN