Topics In Demand
Notification
New

No notification found.

SOFTWARE ARTIFACT STATE OF THE UNION

February 10, 2023 279 0 DevOps Industry Trends

SOFTWARE ARTIFACT STATE OF THE UNION

JFrog’s Software Artifact State of the Union provides a reliable snapshot of package popularity and adoption trends.

WHY is this Important? 

The first annual JFrog Software Artifact State of the Union report highlights the packages and binary types most widely used by organizations today to deliver production-ready software. 

This information helps developers and DevOps team leaders identify what technologies to invest in from a skillset perspective as well as to build software in/on. It can also help benchmark their organization’s software development maturity relative to the wider industry. 

 

What’s different about JFrog’s report?

While other reports like the Tiobe index or Stack Overflow’s Developer Survey rely on indirect indicators of technology popularity (such as search trends, surveys, or GitHub projects), JFrog is in a unique position – given our universal support, 1M developers worldwide, 7K+ customers, and binary-level visibility – to assess which technologies organizations are actually incorporating into their SSC / SDLC today.  

 

Where did the data come from?

The report is based on anonymized Artifactory customer usage, looking at the number of repositories and actions for a given package type. It spans petabytes of data and millions of artifact repositories across multiple industries worldwide.

 

What does the data show? 

JFrog’s Software Package State of the Union report indicates the following enterprise software trends: 

 

  • Preparing for IoT and the Edge: C and C++ – the primary language used when designing software to run on edge and IoT devices – grew exponentially between January 2020 and October 2022, along with Conan – the decentralized package manager for C/C++ – which grew 5.2X over the same period.
  • Containers are King: Use of Docker containers and Helm Charts has risen exponentially over the last two years, indicating more organizations are taking a cloud-native approach and designing larger, more sophisticated artifacts for use by applications such as the Metaverse, Blockchain, or cryptocurrency.
  • The Old Guard Stands Strong: Over 90 percent of organizations are maintaining a Maven repo, which is most commonly used for indexing software artifacts composed of Java, JavaScript, Python, and C/C++.
  • Increasing focus on Memory Safety for Securing the Software Supply Chain: Modern languages, such as Apple Swift, Go, Rust are designed with built-in safety mechanisms to make the developer aware of any potential issues when coding so they can avoid future detrimental software supply chain attacks the likes of Log4Shell, Spring4Shell, and Solar Winds. To that end, use of Rust (and its package manager, Cargo) grew 98X since April 2021.
  • Terraform: The infrastructure-as-code (IaC) standard: Terraform repositories showed the highest growth trajectory of any package type since May 2022, indicating companies see the benefit of moving IaC files to a full-featured, binary-based, secure management solution. 
  • Growing Variety and Size of Software Artifacts: Companies typically support an average of seven package types and manage more than 100,000 artifacts, with the size of those artifacts steadily increasing with the widespread use of containerization technologies like Docker and Kubernetes.

That the contents of third-party research report/s published here on the website, and the interpretation of all information in the report/s such as data, maps, numbers etc. displayed in the content and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party research report/s published, are provided solely as convenience; and the presence of these research report/s should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these research report/s, you do so at your own risk.


JFrog is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure, fearless flow of binaries from developers to the edge. The JFrog DevOps Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle to build, secure, distribute, and connect any source with any production environment. Millions of users and thousands of customers worldwide and the majority of the Fortune 100 depend on JFrog solutions to securely embrace digital transformation.



LATEST REPORTS

© Copyright nasscom. All Rights Reserved.