Sonatype component survey 2012

316 views
276 views

Published on

Published in: Design, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
316
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Sonatype component survey 2012

  1. 1. 3%ITOperations6%Manager,Director,orExecutive5%BuildManager22%Architect13%TeamLead/ProjectManager52%SoftwareDeveloper/EngineerRoleWithintheOrganization
  2. 2. 17%FinancialServices33%Tech&ISV12%Consulting6%Telecommunications2%Manufactoring5%Media&Entertainment7%Goverment&Military18%OtherOrganizationsSurveyed
  3. 3. 24%19%23%34%501+101-50026-1001-25NumberofDevelopersintheOrganization
  4. 4. We’restandardizingonanopensourcedevelopmentinfrastructurestack49%201152%2012Weonlyuseopensourceinfrastructureifit’scommerciallysupported7%10%201120122011201220112012It’snotourcorporatestandard,buttonsofpeopleuseit27%27%Afewofourdevelopersuseit,butit’snotwidelyadopted17%11%Doesyourorganizationuseopensourcedevelopmentinfrastructure?
  5. 5. Whydoyouusearepositorymanager?64%Improvebuildtime35%Toenforcestandardsforcomponentusage32%Bettervisibilityintocomponentusage67%Tomanagecomponentusage
  6. 6. Whydoyouusearepositorymanager?64%Improvebuildtime41%Toenforcestandardsforcomponentusage34%Bettervisibilityintocomponentusage75%TomanagecomponentusageOrganizationswithover500developers
  7. 7. Westrictlyconsumeopensource34%Weuseopensourceandcontributedirectlybacktoprojects45%Weuseopensourceandcontributebackviaathirdparty12%Wecontributetoopensourceprojectseventhoughourcompany’spoliciesprohibitit9%OpenSourceinOrganization2012Sonatypesurveyof2,550developers,architects,andmanagers45%34%12%9%
  8. 8. 4%Perl5.4%Python4.14%C/C++3.15%.NET2.86%Java1.Howimportantarethefollowingtypesofopensourcecomponentstoyourorganization?Percentagereportingcritical,prettyimportant,ormedium,butgettingmoreimportant
  9. 9. Mustadheretocorporatestandards35%70%Searchthewebforartifactsthatmeetourneeds35%Usemasterrepositorysearchtools(eg.CentralRepositorySearch)42%RelyontheadviceofmycolleaguesHowdoyoufindartifactsforyourprojects2012Sonatypesurveyof2,550developers,architects,andmana
  10. 10. 1.87of527%GitHub5.2.13of539%Atlassian4.2.22of543%JBoss3.2.44of551%ProjectSites2.3.17of578%CentralRepository1.Whatsourcesofopensourcecomponentsaremostimportanttoyourdevelopmentefforts?Percentagereportingcriticalorimportant
  11. 11. SecurityCodeQualityProjectMaturityLicensing32%19%51%25%28%51%18%2534%27%39%22%MissioncriticalExtremelyimportantSomewhatimportantMinorconcernNotaconcernarthecomponentsyouuseinyourapplications,hportantaretheseattributes?2012Sonatypesurveyof2,550developers,architects,andmana
  12. 12. Doesyourorganizationhaveanopensourcepolicy?2012Sonatypesurveyof2,550developers,architects,andmanagers51%No49%Yes
  13. 13. We’recompletelylockeddown.Weonlyuseapprovedcomponents.20%Wehavesomecorporatestandards,theyaren’tenforced.43%Therearenostandards.Eachdevelteamchoosethecomponentsthatbestfortheirproject.37%ontrolofartifactsindevelopme2012Sonatypesurveyof2,550developers,architects,andman
  14. 14. 13%in201120%45%in201137%42%in201143%We’recompletelylockeddown.Wecanonlyuseapprovedcomponents.Wehavesomecorporatestandards,buttheyaren’tenforced.Therearenostandards,eachdevelopmentteamchoosestheirowncomponents.ControlofArtifactsinDevelopment2011/2012Sonatypesurveysofdevelopers,architects,andmanagers
  15. 15. 31%18%13%25%21%12%19%19%FinancialServicesTech/ISVConsultingTelecommunicationsManufacturingMedia&EntertainmentGovt&MilitaryOtherControlofArtifactsbySectorWearecompletelylockeddown.Wecanonlyuseapprovedcomponents.
  16. 16. 51%Donothaveapolicy26%Haveapolicy23%Musthaveapprovalbeforeusingaopensourcecomponentsoesyourorganizationhaveanopensourcepolic2012Sonatypesurveyof2,550developers,architects,andmana
  17. 17. hoisresponsibleforOpenSourceGovernancDevelopmentTeams16%6%7%28%15%12%18%LegalSecurityRiskandComplianApplicationDevelopmenManagementITOperationsOSS/FOSSCommittee/Department
  18. 18. oesyouropensourcepolicyrestrictcomponentusasedonspecificlicenses?2012Sonatypesurveyof2,550developers,architects,andmanandweexamineeverycomponent*all*ofitsdependenciesYesandweexamineeverycomponentbut*not*itsdependencies51%25%,ourpolicydoesnotrestrictcomponentgebasedonlicensing24%Over3/4oforganizationsrestrictcomponentusagebasedonspecificlicenses
  19. 19. licyrestrictingcomponentusagebasedonspecificlicenYesandweexamineeverycomponentand*all*ofitsdependenciesYesandweexamineeverycomponentbut*not*itsdependenciesNo,ourpolicydoesnotrestrictcomponenusagebasedonlicensing51%25%24%havenoeffectivelicensingpolicy49%
  20. 20. 48%No32%Yes,forallcomponentsincludingdependencies20%Yes,forallcomponentsbutNOTtheirdependencioesyourorganizationmaintainaninventoryofopourcecomponentsusedinproductionapplications2012Sonatypesurveyof2,550developers,architects,andmana
  21. 21. NogoodwaytofindoutWhenacomponentisupdated,howdoyouknow?2012Sonatypesurveyof2,550developers,architects,andmanager74%40%30%20%66%BysearchingthewebKeepingupwithprojectsitesFromcolleaguesWordofmouth

×