In December of 2021, Tidelift fielded our annual survey of technologists who use open source to build applications at work. Nearly 700 people shared how they use open source software today, what holds them back, and what tools and strategies help them use it even more effectively.
In this post, we share the third of seven key findings. If you don’t want to wait for the rest of the results, you can download the full survey report right now at the link below.
Most of the other languages stayed pretty stable, with the biggest jump going to C++, increasing its percentage of mentions from 14% to 25%. Go, which went from seventh (17%) in our previous survey up to fifth (24%) this year was the other big positive mover.
A new angle we wanted to explore this year was to see if there were differences in how confident respondents were about whether the components they were using in these languages were up-to-date, secure, and well maintained.
Respondents were most confident about Python, with 81% of respondents reporting they were extremely or somewhat confident and only 19% not very or not at all confident.
In particular we also wanted to see if confidence in Java was hurt by the Log4Shell vulnerability in Log4j, a Java logging component, so we examined the answers that came in before and after the vulnerability was reported in early December.
We saw that 78% of respondents who completed our survey prior to Log4Shell reported being extremely or somewhat confident in Java security and maintenance, and that number dropped slightly to 73% after Log4Shell. Meanwhile the percentage of respondents reporting being not very or not at all confident in Java security in maintenance rose after Log4Shell from 22% to 27%. Most notably, the percentage of respondents reporting that they were not at all confident more than doubled, from 3% pre-Log4Shell to 7% afterwards.
We hope you found some useful and actionable information in this blog post. If you’d like to get notified as future posts come out, please sign up for our blog digest here. Or if you don’t want to wait, download the full survey results today!