Sonatype, oo ah shirkad ku takhasustay ilaalinta weerarrada silsiladda sahayda, ayaa daabacday natiijooyinka daraasadda (PDF, 62 bogag) ee ku saabsan ku-tiirsanaanta iyo arrimaha dayactirka ee Java, JavaScript, Python, iyo mashaariicda .NET ee lagu martiqaaday Maven Central, NPM, PyPl, iyo Nuget. Sanadkii la soo dhaafay, tirada mashaariicda ee nidaamyada deegaanka il furan ee la kormeeray ayaa kordhay celcelis ahaan 29%. Tirada xirmooyinka laga soo dejiyay kaydka su'aasha ayaa kordhay 33% 2023, marka la barbar dhigo 73% korodhka 2021.
Dhaqdhaqaaqa xaasidnimada ah ee meelaha kaydka ah ayaa si aad ah u kordhay—245 xirmo xaasidnimo ah ayaa la ogaaday tan iyo bilowgii sanadka, iyo tirada weerarada la duubay ee loogu talagalay in lagu bedelo ku tiirsanaanta ayaa labanlaabmay.
Mashruucyo badan ayaa sii wada isticmaalka noocyada nugul. Tusaale ahaan, 23% ee la soo dejiyey xirmada Log4j Java ayaa weli waxaa ku jira noocyo leh nuglaanta muhiimka ah ee go'an 2021. Gudaha Maven Central kaydka, ku dhawaad 12% dhammaan la soo degista waxaa loogu talagalay qaybaha ay ku jiraan dayacanka la yaqaan. Celcelis ahaan, dhammaan meelaha kaydka ah, qaybta soo dejinta ee noocyadii hore ee xidhmooyinka lagu sifeeyay khatarta (tusaale, baylahda aan la daboolin) waa 20% (80% kiisaska, nooca hadda waa la soo dejiyay). 96% kiisaska, soo dejinta qaybaha nugul waa laga fogaan karay iyadoo la dooranayo noocyo hore loogu hagaajiyay.
Caqabadda muhiimka ah ee sugidda amniga waa la'aanta dayactirka tayada mashruuca. Tani waa arrin muhiim ah oo ku jirta nidaamka deegaanka ee Java iyo JavaScript: sannadkii la soo dhaafay, shantii mashruucba mid (18.6%) loo gudbiyay Maven Central iyo NPM, lana ilaaliyo sannadkii hore, ayaa joojiyay dayactirka. 1.176 milyan mashruuc oo lagu falanqeeyay Maven, NPM, PyP1, iyo NuGet, kaliya 11% (118,000) ayaa wali si firfircoon loo ilaalinayaa.
Daraasada ayaa sidoo kale waxaa ku jiray sahan lagu sameeyay 621 xirfadlayaasha horumarinta ee shirkado kala duwan. 67 boqolkiiba jawaab bixiyaasha ayaa aaminsan in codsiyadoodu aysan isticmaalin maktabado nugul, 10% waxay la kulmeen shilal amni oo ay sababeen dayacanka il furan 12kii bilood ee la soo dhaafay, iyo 20% lama hubo. Boqolkiiba 28 ee shirkaduhu waxay aqoonsadaan qaybaha nugul hal maalin gudaheed marka la shaaciyo nuglaanta, 39% waxay ku aqoonsadaan hal ilaa todoba maalmood gudahood, iyo 29% waxay ku aqoonsadaan in ka badan toddobaad gudahood.
Source: opennet.ru
