The Hidden Costs of Rushing Open Source Upgrades

September 17, 2025

, By The New Stack

Share via:

According to the most recent Open Source Security and Risk Analysis Report (OSSRA), 97% of all scanned codebases contain open source components, with an average of more than 900 such components per application. Moreover, nearly two-thirds of these components are transitive dependencies. That means they’re libraries that are pulled in indirectly — and many teams may not even realize they’re using them.

This widespread reliance on open source, with each open source component following its own support policy and timeline, exposes…

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Previous News

Vivo Y31 5G, Y31 Pro 5G with 6,500mAh battery, 44W charging launched in India: Price, specs, offers and more

Next News

Google pokes a banana-shaped hole in Musk’s App Store bias claim

Popular

More Like this

The Hidden Costs of Rushing Open Source Upgrades

September 17, 2025

, Published By The New Stack

According to the most recent Open Source Security and Risk Analysis Report (OSSRA), 97% of all scanned codebases contain open source components, with an average of more than 900 such components per application. Moreover, nearly two-thirds of these components are transitive dependencies. That means they’re libraries that are pulled in indirectly — and many teams may not even realize they’re using them.

This widespread reliance on open source, with each open source component following its own support policy and timeline, exposes…

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Previous News

Vivo Y31 5G, Y31 Pro 5G with 6,500mAh battery, 44W charging launched in India: Price, specs, offers and more

Next News

Google pokes a banana-shaped hole in Musk’s App Store bias claim

More like this

Popular

Block title