It can take an average of over four years for vulnerabilities in open source software to be spotted, an area in the security community that needs to be addressed, researchers say.
According to GitHub’s annual State of the Octoverse report, published on Wednesday, reliance on open source projects, components, and libraries is more common than ever.
Over the course of 2020, GitHub tallied over 56 million developers on the platform, with over 60 million new repositories being created — and over 1.9 billion contributions added — over the course of the year.
“You would be hard-pressed to find a scenario where your data does not pass through at least one open source component,” GitHub says. “Many of the services and technology we all rely on, from banking to healthcare, also rely on open source software. The artifacts of open source code serve as critical infrastructure for much of the global