The State of Trusted Open Source Report

This article discusses a December 2025 report on trusted open source software consumption patterns. The report analyzes container image projects, language libraries, and builds to understand what organizations pull, deploy, and maintain. Key focus areas include vulnerabilities within open source components and consumption trends across enterprise environments. While the article is incomplete, the report appears to provide insights for security teams to improve open source supply chain security posture and vulnerability management practices. Organizations should leverage such research to inform their open source security policies and scanning practices.

In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and

This article discusses a December 2025 report on trusted open source software consumption patterns. The report analyzes container image projects, language libraries, and builds to understand what organizations pull, deploy, and maintain. Key focus areas include vulnerabilities within open source components and consumption trends across enterprise environments. While the article is incomplete, the report appears to provide insights for security teams to improve open source supply chain security posture and vulnerability management practices. Organizations should leverage such research to inform their open source security policies and scanning practices. In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer base on open source consumption across our catalog of container image projects, versions, images, language libraries, and builds. These insights shed light on what teams pull, deploy, and maintain day to day, alongside the vulnerabilities and