Developers' Top Pain Points in Open Source Runtimes
December 03, 2018

Bart Copeland
ActiveState

ActiveState surveyed developers and programmers in 92 countries to better understand their pain points and assess how businesses can better work with their organizations. The survey results establish a starting point for understanding the challenges that coders (developers, engineers, data scientists, QA and so on) confront when working with open source runtimes.

Blocks to Productivity

One fact the survey highlighted is that developers need to streamline their workflow in order to increase productivity. Developers and programmers spend only two to four hours of their day programming, on average. Productivity is disrupted due to time spent managing other issues such as polyglot environments and retrofitting. Enterprises are lacking resources that developers need to streamline their workflow.

The survey confirmed that security, defined here as being up to date with the latest or most secure version of packages used, is suffering. Management is unable to assess risks due to lack of visibility. For instance, 61 percent of respondents found it difficult or very difficult to get information about package quality – security, activity or updates.

Production code isn't being tracked, creating a gap in vulnerability assessment. This creates additional issues in security as there is lack of visibility of where code is specifically running that requires updates or patches. Consequently, half of developers surveyed expressed a deep concern about security.

In addition, new tool adoption turns out to be more cumbersome than helpful. In fact, developers already spend 74 % of their time managing dependencies and development tools. A whopping 67 % – more than two-thirds – opted out of implementing a new programming language due to the hassle of incorporating a new programming language. Not surprisingly, adding or incorporating a programming language into an organization was rated the most difficult challenge, by a significant margin; 56% of all respondents rated this as difficult or very difficult.

Bridging the Developer-Enterprise Gap

The above survey data is an invaluable tool to measure and track progress towards solving open source runtime pains that developers are experiencing. In order to relieve developers of these pains and better enable quicker release updates, we need to look at a top-down and bottom-up approach. The gap between the developer and the enterprise needs to be bridged through clear communication of needs.

One approach is to have a "bill of materials" of all the packages running in production as well as the applications and their respective dependencies of where the code is running.

Another approach is to facilitate the developer implementing what's required from a license and security perspective. Solving developers' problem spots will increase their productivity and their job satisfaction, benefiting developers and their organizations alike.

Bart Copeland is CEO and President of ActiveState
Share this

Industry News

December 10, 2019

Redgate Software launched its fourth annual State of Database DevOps Survey.

December 10, 2019

Compuware has signed a definitive agreement to acquire the assets of INNOVATION Data Processing, a provider of enterprise data protection, business continuance and storage resource management solutions serving the mainframe market.

December 10, 2019

Dynatrace announced its Autonomous Cloud Enablement (ACE) Practice to accelerate DevOps’ movement to autonomous cloud operations.

December 09, 2019

NS1, announced the expansion of its suite of integrations to include Kubernetes, Consul, Avi Networks (VMWare NSX), NGINX, and HAProxy.

December 09, 2019

CloudBees announced an extension of its partnership with Google. As a Google Cloud Run launch partner, CloudBees will offer developers more flexibility in their deployment of containerized applications.

December 09, 2019

EPAM Systems has expanded its crowdtesting software solutions to enable user story testing.

December 05, 2019

Parasoft announced the newest release of Parasoft C/C++test, the unified C and C++ development testing solution for enterprise and embedded applications.

December 05, 2019

Datadog announced Security Monitoring, a new product that enables real-time threat detection across the entire stack and deeper collaboration between security, developers, and operations teams.

December 05, 2019

Pulumi announced the availability of Pulumi Crosswalk for Kubernetes, an open source collection of frameworks, tools and user guides that help developers and operators work better together delivering production workloads using Kubernetes.

December 04, 2019

CloudBees announced a Preview Program for CloudBees CI/CD powered by Jenkins X, a Software as a Service (SaaS) continuous integration and continuous delivery solution running on Google Cloud Platform.

December 04, 2019

Rancher Labs announced the general availability of K3s, their lightweight, certified Kubernetes distribution purpose built for small footprint workloads, along with the beta release of Rio, their new application deployment engine for Kubernetes that delivers a fully integrated deployment experience from operations to pipeline.

December 04, 2019

WhiteSource announced a new integration with Codefresh, the Kubernetes-native CI/CD solution.

December 03, 2019

Styra is addressing one of the most significant enterprise blockers of Kubernetes: compliance. With Styra, enterprises can move Kubernetes clusters into production en masse while complying with traditional governance, audit, and compliance rules and regulations.

December 03, 2019

Nureva added 13 agile-themed templates to Span Workspace, Nureva’s expansive cloud-based digital canvas for visual planning and team collaboration.

December 03, 2019

Threat Stack announced support for AWS Fargate in the Threat Stack Cloud Security Platform.