ITASCA, Ill., Feb. 26, 2020 (GLOBE NEWSWIRE) -- Flexera, a demonstrated leader in open source software scanning, software installation, and software monetization, released its 2020 State of Open Source License Compliance report today.
Flexera’s Software Composition Analysis teams analyzed data from 121 audit projects to evaluate the extent to which companies under-report open source usage, and the resulting license compliance issues and vulnerabilities present in their applications. This global, cross-industry study evaluated more than 2.6 billion lines of code and uncovered 80,157 total issues. Compared to the 2019 report, the average number of issues per project jumped by more than 80 percent, driven in part by the number of Node.js packages pulled in from npm, a trend expected to continue in 2020. The report provides valuable insights for security, engineering, and legal teams.
“Open source usage continues to grow while driving increased productivity, faster time to market, and lower cost solutions. Knowing what and how much open source is in use is critically important for any software supplier, as well as their stakeholders, partners—and their customers. The increase in the number of issues uncovered per audit project, as compared to 2019 data, emphasizes the value of having a formal open source management strategy for the entire supply chain,” said Brent Pietrzak, SVP and General Manager of Flexera’s Supplier Division. “While open source isn’t inherently riskier than proprietary code, open source can become a vulnerability when it isn’t managed properly.”
The 2020 report highlights:
