Sonatype’s annual software supply chain analysis finds open source project maintenance in decline, while 1 in 8 open source downloads have a known risk. A recent analysis accounting for nearly 1.2 ...