Open Source Trends to Look for In 2024 — SitePoint

Created on November 12, 2023 at 11:01 am

According to Open Logic’s 2023 Open Source Report, 80% of polled companies said their use of open source over the previous year had increased. As the corporate adoption of open source continues to increase, the space continues to grow and thrive, thanks to its large and dedicated community.

As always, new technologies and best practices in open-source software (OSS) continue to emerge and lead the community down new and exciting paths. Here’s a preview of some trends you can expect the open-source ecosystem to focus more on in 2024.

We created this article in partnership with Codacy. Thank you for supporting the partners who make SitePoint possible.

Widespread Adoption of Artificial Intelligence and Machine Learning

The software development community is on board with artificial intelligence (AI) and machine learning (ML) in 2023. A recent GitHub survey showed that 92% of developers use AI-powered coding assistants.

AI and ML tools don’t just assist coders; they’re being used to aid any task requiring learning, problem-solving, and decision-making.

AI adoption in open source is also rapidly growing and has gone completely mainstream. We’ve already seen Google using AI for image and speech recognition tasks. Facebook has also unveiled an open-source machine-learning library called PyTorch.

While AI adoption and use is one part of the story, the other is the legal and ethical issues that this adoption has brought into the spotlight. Open-source software is at the forefront of many of these debates, because most of the coding data that ML models train on are open-source projects.

This learning method brings into question intellectual property rights and licensing issues. Should the OSS creators who wrote the code used to train AI be compensated? Should it even be legal to train these tools on the work of others?

We’ve seen that AI-powered image creators and writing tools have successfully managed to avoid copyright issues. However, one class action suit was filed against GitHub, alleging their Copilot AI tool violates numerous open-source licenses.

While resolving these issues of legality and ethics regarding the use of AI technology will take a long time, it’s hard to believe that these concerns will be able to slow the widespread interest in and adoption of AI and ML tools in open source and otherwise.

A Greater Focus on Security

According to the Synopsys 2023 Open Source Security and Risks Analysis (OSSRA) Report, 87% of the 1,700+ codebases they scanned for the report included security and operational risk assessments. The report found that 89% of the codebases contained open source code that was over four years out of date, and 91% contained components with no new development in at least two years.

With the Log4j library zero-day critical vulnerability event still fresh in the minds of all open-source creators, the OSS community is expected to continue stressing the importance of security and privacy best practices in 2024.

Open source is everywhere. The 2022 OSSRA report showed that 97% of software contains some open source. Open source made up 78% of all code reviewed for the report. More importantly, 81% of the codebases that include open-source code had at least one security vulnerability and an average of five high-risk vulnerabilities.

Open source is ubiquitous and permeates nearly every critical technology we depend on, making proper security and privacy even more vital. When networks worldwide use the same open-source code, one vulnerability could collapse innumerable systems across the globe.

However, open source’s greatest asset is also its most significant obstacle. Why invest in something that’s completely free?

According to a 2023 study by Tidelift, 60% of open-source maintainers are “unpaid hobbyists.” Just 13% describe themselves as professional maintainers who earn their living from this work.

The study also found that more than half of the maintainers polled needed to be made aware of recent security initiatives like OSSF scorecards, supply-chain levels for software architects (SLSA), and the NIST Secure Software Development Framework (SSDF).

For security and workability, a priority for the open-source community in 2024 and beyond must be finding ways to maintain popular projects better — namely, paying open-source maintainers well enough to commit to this type of work long-term.

Increased Corporate Support

Technology companies (both large and small) are becoming increasingly aware of the importance of the open-source community on their entire ecosystem. This recognition of open source’s importance is already leading to increased initiatives and sponsorships aimed at supporting open-source creators.

One of the most notable ones is GitHub’s Accelerator program, launched in April of 2023. The 10-week program provided selected open-source projects with funding and guidance.

Lisbon-based code quality platform Codacy is doing something very similar. They announced a fellowship program for open-source creators called Pioneers. Chosen projects will receive a monthly stipend for an entire year, free tooling, promotion for their projects, and mentorship from a star-studded cast of open-source experts, including Vue.js framework creator Evan You.

Applications for the Pioneers program are open until the end of September, and fellows will be selected and announced in mid-October.

Another recent example of open-source sponsorships is the Rust Foundation’s current project, which offered grants to maintainers working with that programming language, which has a very active open-source ecosystem and community.

More Companies with Open Source Program Offices

Open Source Program Offices (OSPOs) are cross-functional teams within companies that are responsible for how their companies use open source. They create strategies and policies to ensure their company’s open-source strategies and protocols are more efficient and less risky.

The further proliferation of OSPOs should be expected in 2024 and beyond. According to GitHub’s 2022 Octoverse report, 30% of Fortune 100 companies have OSPOs. Research by the Linux Foundation also found that while OSPO adoption is still most prevalent in technology companies, we’re seeing increased adoption in other industries, like education and the public sector.

OSPOs can go a long way toward helping developers, technical staff, procurement, and legal teams select and implement the right open-source tools. An OSPO can also be very helpful in educating staff and creating a culture of transparency and accountability when building an internal tool stack.

In 2024, don’t be surprised if more companies create roles and titles like Chief Open Source Officer to head OSPOs and work with Chief Technology Officers to create more efficient, secure, and sustainable open source policies for their companies.
