C001 — OSS CI Adoption Rate Around 40% — Likely to Very likely (75-90%)
Contents
Summary
Claim: Only approximately 40% of open source projects use continuous integration at all.
Bottom Line: The claim that approximately 40% of open source projects use CI is well-supported by multiple independent empirical studies. The exact figure varies by study and sample composition (40% in 2016, 43.9% in 2022, 50%+ in npm-specific repos), but the approximate 40% figure serves as a reasonable baseline. The claim masks significant stratification: CI adoption is much higher among actively maintained, popular projects.
Results
| Artifact |
Description |
| Input |
Original text, clarification, scope, vocabulary |
| Assessment |
Evidence synthesis, probability assessment, gaps |
| Self-Audit |
Process audit across 4 ROBIS domains |
| Reading List |
Prioritized source list |
Hypotheses
Searches
| ID |
Target |
Returned |
Selected |
| S01 |
H1 |
0 |
0 |
| S02 |
H2 |
0 |
0 |
| S03 |
H3 |
? |
? |
| S04 |
H4 |
? |
? |
| S05 |
H1 |
0 |
0 |
Sources
| ID |
Title |
Reliability |
Relevance |
| SRC001 |
https://mir.cs.illinois.edu/marinov/publications/HiltonETAL1 |
High |
High |
| SRC002 |
https://arxiv.org/html/2602.14572v3 |
High |
High |
| SRC003 |
https://www.blackduck.com/blog/open-source-trends-ossra-repo |
High |
High |
| SRC004 |
https://www.scworld.com/news/open-source-vulnerabilities-per |
Medium |
High |
| SRC005 |
https://www.sonatype.com/state-of-the-software-supply-chain/ |
High |
High |
| SRC006 |
https://www.sonatype.com/press-releases/sonatypes-10th-annua |
High |
High |
| SRC007 |
https://www.chainguard.dev/unchained/wolfis-upstream-securit |
Medium |
High |
| SRC008 |
https://github.com/ossf/scorecard |
High |
High |
| SRC009 |
https://blog.jetbrains.com/teamcity/2025/10/the-state-of-cic |
Medium |
Medium |
| SRC010 |
https://arxiv.org/html/2409.07669v2 |
High |
High |
| SRC011 |
https://www.pixee.ai/blog/sast-false-positives-reduction |
Medium |
High |
| SRC012 |
https://thenewstack.io/checking-linuxs-code-with-static-anal |
High |
High |
| SRC013 |
https://www.sonatype.com/state-of-the-software-supply-chain/ |
High |
High |
Evidence Snapshot
| Dimension |
Rating |
| Evidence quality |
Robust |
| Source agreement |
High |
Revisit Triggers
- [study] A new large-scale empirical study (2025+) measuring CI adoption across >50,000 GitHub repositories reports a rate significantly different from 40-50%.
- [data_update] GitHub publishes official Octoverse data on CI/GitHub Actions adoption rates across all repositories.
- [study] A study measuring the gap between CI configuration file presence and actual CI pipeline execution is published.
- [event] GitHub Actions introduces a change (e.g., default-on CI for new repositories) that could substantially alter adoption dynamics.
← Back to run overview