Open Source and the Software Supply Chain

There is a dynamic shift occurring in the software development land- scape. No longer are applications written, today most are assembled using open source components. The growing reliance on externally sourced, open-source components as core building blocks for modern application development, coupled with the complexity of the ecosystem, has ushered in new risks for the software supply chain. This article will explore the licensing, security, and quality risks associated with component-based development and its direct impact on the integrity of the software supply chain.