Open source software has crossed a critical threshold.
The 2026 State of Open Source Report shows that 98% of organisations are maintaining or expanding their use of open source. That level of adoption tells a clear story. Open source is no longer a strategic option. It’s core infrastructure.
But the report also makes something else clear. The industry has solved adoption. It has not solved what comes next.
Control has replaced cost
Organisations are no longer choosing open source primarily to reduce cost. 55% now cite avoiding vendor lock-in as a top driver, a 68% increase year over year.
This reflects a shift toward control of infrastructure, data, and long-term direction. In Europe, where that number climbs even higher, this motivation is closely tied to digital sovereignty.
At the same time, many organisations are discovering that independence is harder to achieve than expected. Open source alone does not eliminate dependency. Without the right governance, it can simply redistribute it.
Cost has shifted to operations
The report highlights the operational reality of open source. Nearly half of development time is now spent on maintenance and production issues, and security updates and patching remain the most common challenge across organisations.
In large enterprises, teams often spend more time maintaining systems than building new ones. The cost of software has moved into lifecycle management, including upgrades, dependency coordination, and ongoing support.
This pattern is especially visible in the Java ecosystem. 37% of organisations rely on Java, yet nearly 60% report difficulty managing dependencies and keeping up with upgrades. Faster release cycles and tightly coupled components have created a constant upgrade cycle that increases both effort and risk.
Within this environment, Eclipse Temurin is used by just over 31% of Java teams, reflecting demand for stable, vendor-neutral runtimes.
Complexity is outpacing capability
The same dynamic extends beyond Java. Cloud-native and data platforms are widely adopted, but 43% of organisations cite lack of skilled personnel as their biggest challenge, and 60% report difficulty keeping systems updated and on supported versions.
Adoption is high. Complexity is increasing. The ability to manage that complexity is not keeping pace.
As a result, risk is rising. Increased regulatory pressure is amplifying this exposure, with 86% of organisations subject to compliance requirements and those running end-of-life software significantly more likely to fail audits. At the same time, 20% of organisations still lack a defined process for handling vulnerabilities.
Open source is widely trusted, but it is not always governed or maintained with the level of rigor that its importance demands.
From projects to ecosystems
There are signs of progress. Nearly 40% of organisations contribute to open source projects or communities.
However, far fewer have formal structures in place to manage open source strategically. This points to a broader issue. Open source has scaled as a development model, but not yet as an operational one.
Managing it at scale requires thinking beyond individual projects to the systems they form, including lifecycle, dependencies, and long-term sustainability.
Why open source foundations matter
This is where foundations play a critical role.
The challenges highlighted in the report are systemic. Avoiding lock-in requires neutral governance. Managing lifecycle risk requires long-term stewardship. Supporting complex environments requires coordination across technologies and stakeholders.
Foundations provide the structure that allows open source to function as infrastructure. They ensure that technologies remain vendor-neutral, sustainably maintained, and interoperable over time.
As open source becomes more deeply embedded in critical systems, these functions are no longer optional. They are essential.
The next phase: operational maturity
The 2026 State of Open Source Report points to a clear transition. Open source has moved from access to adoption. The next phase is defined by operational maturity.
Organisations that succeed will be those that treat open source as a long-term strategic asset. That means investing in governance, managing lifecycle risk, and participating in ecosystems rather than simply consuming projects.
The success of open source has raised expectations. Now it must meet them. That is where foundations like the Eclipse Foundation play a defining role.
To explore these findings further, join Eclipse Foundation’s VP of Community Operations Gaël Blondelle alongside leaders from OSI and Perforce OpenLogic.
👉 https://www.openlogic.com/resources/events/webinar/2026-state-of-open-source
