{"id":230588,"date":"2026-04-02T07:30:00","date_gmt":"2026-04-02T11:30:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/02\/the-state-of-trusted-open-source-report\/"},"modified":"2026-04-02T21:45:11","modified_gmt":"2026-04-03T01:45:11","slug":"the-state-of-trusted-open-source-report","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/02\/the-state-of-trusted-open-source-report\/","title":{"rendered":"The State of Trusted Open Source Report"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/the-state-of-trusted-open-source-report.html\">The State of Trusted Open Source Report<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/the-state-of-trusted-open-source-report.html\">https:\/\/thehackernews.com\/2026\/04\/the-state-of-trusted-open-source-report.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-02 07:30:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>In December\u00a02025, we shared the first-ever The State of Trusted Open\u00a0Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These\u00a0insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and remediation realities these projects\u00a0face.<\/p>\n<p>Fast forward a few months, and software development is accelerating at a pace that most didn\u2019t see coming. AI\u00a0is increasingly embedded across the development lifecycle, from code generation to infrastructure automation, as models become more advanced and better at meeting the demands of modern work. This\u00a0shift is expanding what teams can build and how quickly they can\u00a0ship.<\/p>\n<p>It is also reshaping the security landscape.<\/p>\n<p>Before diving into the numbers, it\u2019s important to explain how we perform this analysis. We\u00a0examined over 2,200 unique container image projects, 33,931 total vulnerability instances, and 377 unique CVEs from December 1, 2026, through February 28, 2026. When\u00a0we use terms like \u201ctop 20 projects\u201d and \u201clong tail projects\u201d (as defined by images outside of the top 20), we\u2019re referring to real usage patterns observed across our customer portfolio and in production\u00a0pulls.<\/p>\n<p>In this report, we noticed a few new themes that point to this shift. These\u00a0themes built on the trends from our last report, ultimately showcasing the impact of increased AI-driven development both in the types of container images being used and in the number of CVEs being discovered and remediated:<\/p>\n<ul>\n<li><strong>Python and PostgreSQL growth reflects AI-driven development: <\/strong>Python remains the most popular image (72.1% of all customers use it), and PostgreSQL saw a 73% increase in usage quarter-over-quarter, underscoring the growing adoption of a modern AI stack across various use cases.<\/li>\n<li><strong>The modern platform stack is becoming increasingly standardized:<\/strong> Across&#8230;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/04\/the-state-of-trusted-open-source-report.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The State of Trusted Open Source Report https:\/\/thehackernews.com\/2026\/04\/the-state-of-trusted-open-source-report.html Publish Date: 2026-04-02 07:30:00 Source Domain: thehackernews.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":230589,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi5yI578d17vaAxuCMW2SLrz3ibI4ibSfdDCfum-B3VZ0Ukyd79Eue2VR8ofUCBpISSXsL8biYdRFyuMm78T6PTU7U1w_6jJK3qV7ohPRSt3NGDTtAkseitLCaEZVHqcVIhFZABPlyAP8KPV-JMlnlq42Flgl7lB2Rs5hkIQYVYtc0Z15Yd0WKaYSu7CLM\/s1600\/devsecops.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,27],"class_list":["post-230588","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230588"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=230588"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230588\/revisions"}],"predecessor-version":[{"id":230590,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230588\/revisions\/230590"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/230589"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=230588"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=230588"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=230588"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}