The State of Open Source

Open-source software has become a fundamental part of modern digital infrastructure. Today, it’s a central element of enterprise strategy and business development across industries.

For sectors like journalism and publishing, where companies often rely on cost-effective technology, open source continues to offer critical advantages. But with its dominance has come increasing complexity. Two recent studies – the 2025 State of Open Source Report from OpenLogic and the 2025 Open Source Security and Risk Analysis Report from Black Duck – detail the risks, and rewards, of adopting an open-source software strategy.  

Software Usage Patterns

Cost savings remain an important factor in deciding to adopt open-source software over proprietary tools, but customisation, vendor independence, open standards, and long-term support from the community are also crucial in the decision-making process.

These benefits have helped position open-source software as the preferred tech stack for many organisations, particularly among publishers. According to the State of Open Source Report, nearly 40% of the respondents are investing in open-source cloud and container technologies. Compared to last year, the percentage investing in programming languages and frameworks has also increased, suggesting that organisations are actively developing open-source software, rather than only using it.

Barriers and Organisational Challenges

Despite the wide adoption of open-source solutions, many companies still struggle to manage the software effectively. Organisations often lack the internal expertise to manage open code, and keeping up with updates, meeting security and compliance requirements, and maintaining end-of-life (EOL) versions are all challenges. This skills gap means that organisations often adopt open-source tools without a full understanding of their configuration, maintenance, or licensing implications.

Nearly half of organisations surveyed by OpenLogic expressed reservations about their ability, skills, and proficiency to manage open-source data platforms effectively. The tools themselves are mature, but the surrounding skills and operational discipline are frequently lacking.

Professional support and maintenance is the biggest reason why some organisations still gravitate toward proprietary software: about 45% of those who are still using these versions are not switching to open source because they don’t have access to professional support and maintenance.

Open Source Maturity

One of the more positive trends is the growing maturity of how organisations approach open-source use. More companies now have open-source security, compliance, and governance policies, while 59% of organisations surveyed by OpenLogic perform security scans regularly for vulnerabilities.

Still, many teams remain reactive, adopting tools based on developer preference or project familiarity rather than institutional process. Long-term sustainability requires shifting from ad hoc usage toward structured decision-making, with clear accountability and documentation.

Risk Management

Risk management in open source is not only about finding and fixing vulnerabilities; it has evolved into a strategic concern. Managing open-source risk efficiently means focusing first on the most critical issues. A “software bill of materials” (SBOM) has emerged as a key component in software security and software supply chain risk management. SBOMs help organisations ensure security and support the overall health of the software, with benefits for risk management, vulnerability management, licence compliance, software quality assurance, mergers and acquisitions, and effective software development, deployment, and maintenance.

Licensing Complexity

Managing open source effectively requires attention to both licensing and security compliance. While permissive licences such as the MIT License and Apache 2.0 continue to dominate, non-permissive licences, dual-licensing strategies, and source-available alternatives are increasing. Permissive licences typically impose few restrictions, mainly requiring that the original copyright notice is retained when distributing derivative software. This allows organisations or developers to use and modify the open-source software freely while keeping the copyright notices intact, making permissive licences a low-risk option for most projects.

More than 70% of codebases in the Black Duck audit contained licence conflicts or unclear terms. Many organisations are now investing in licence auditing tools or involving legal counsel earlier in the development process.

Conclusion

The state of open source in 2025 is marked by normalisation, strategic value, and a demand for greater accountability. While the technology continues to offer flexibility and innovation, it also brings new layers of responsibility, including governance, compliance, and risk planning.

For news organisations, open source remains indispensable. But as both the infrastructure and the expectations grow, it’s no longer enough to use these tools intuitively. The next phase of open-source adoption will require strategic planning and collaboration across teams.