JVM Ecosystem report 2018 - About your processes and you
Andrew Binstock
October 17, 2018
0 mins readWelcome to the largest survey ever of Java developers. The data presented in the following report was taken from more than 10,200 questionnaires. If you were one of those survey-takers, many thanks to you for putting aside the time to share your experience for the benefit of others.This report is split across four posts:
JVM Ecosystem report 2018 - About your Platform and Application
JVM Ecosystem report 2018 - About your processes and you
We also have a lovely handcrafted pdf report which contains all of this information in one downloadable place.
DOWNLOAD THE JVM ECOSYSTEM 2018 REPORT!
About your Processes
25. How often do you release new versions of your code?
Worryingly, almost 1 in 4 respondents (24%) don’t know how often their code is released! This again might be due to the complexity of the application and perhaps different services are being released at various times.Almost 1 in 10 respondents are brave enough to release multiple times a day, but then again, when you release that often, bravery is replaced with consistency. The majority of respondents release once every couple of weeks to once a month. More than 1 in 10 respondents release once every six months or less. Better clear my plans for the week, we’re releasing on Monday.
26. How often do you audit your code?
About half the sites audit their code. And only almost 1 in 4 do so more than once a quarter. Whether the audit be for security, performance or quality it’s good to have a clear out. With half of the respondents not auditing their code whatsoever, just imagine the gremlins that could exist in those codebases!
About You
27. Where do you do your development work?
Not much to say here, other than we expected more respondents to come from North America. Perhaps they’ve lost all confidence in voting all together! It’s great to see representation from all corners of the globe. Hmmm, do globes have corners?
28. How would you describe yourself?
We can see the vast majority of respondents are technical with 87% either being developers, team leaders, or architects. More than half state they are software developers. And 2% of C-level respondents took the time out of their schedules to take our quiz.
29. How do you rank your security expertise?
Security is often considered one of the dark arts. Many developers learn only ‘just enough’ to get by and allow them to deliver their feature work, meaning the real experts are those who have a dedicated security career. As developers are owning more and more application security responsibility being owned by developers, this is becoming a hot topic. In our survey,1% of respondents state they have zilch, none, zero out of ten security knowledge and are just happily writing their struts applications. Ok, we made that last bit up. The same number state they are true security experts, and modestly gave themselves 10 out of 10. The majority sit around the 5-7 mark with 6 in 10 respondents stating they’re no expert, but certainly not novices.
30. How old are you?
Programming remains a profession associated with the young and early middle-aged. 38% of readers are younger than 35, 35% are between 35 and 45, and only 25% are older than that. Survey data shows a correlation between positions of greater responsibility and age, suggesting that the lower numbers after middle age are in part due to programmers moving into management positions.
31. How many years of paid professional experience with Java do you have?
There was quite a range of experience among our respondents as you can see from the graph, but we wanted to also look at the median ages of our job roles back from question 28, to see when people typically receive promotions. The results are very interesting, with the median developer having 10 years’ experience, team leaders 11 years’ experience, architects with 14 years, and finally C-levels with 12 years’ experience.
32. What is the size of your company?
With almost 40% of respondents working for companies that have less than 100 employees, we see that Java continues to have a significant role in startups and in small-to-medium businesses. This finding is at odds with the perception of Java being the language for enterprise apps. It is that, certainly, but definitely not only that.
33. Where do you principally get information about Java online?
StackOverflow remains the preferred forum for asking one-off questions and grepping replies to previous answers for useful information. Oracle’s excellent documentation is a natural place for reference. Java Magazine presents long-form, in-depth articles for readers wishing to fully understand a topic, and YouTube does the equivalent in video form. DZone and to a lesser extent InfoQ overlap all these areas. (Respondents could choose multiple answers.)
34. Are you a member of a Java User Group (JUG)?
JUGs remain an underused resource in the community with only 1 in 5 developers attending one meeting a year. The overwhelming two-thirds of respondents are not members of any JUG whatsoever. If geography is a factor for those developers, the Virtual Java User Group is an excellent solution.
35. How much do you contribute to open source?
Open source remains what it has primarily been from the start: the domain of a small minority of dedicated developers. The existence of GitHub and other easily accessible code repositories has helped developers to contribute their code, but with more than 1 in 2 developers never having contributed to an open source project, there’s still a lot of work to be done. You should want to contribute back so that rather than just being one of the 19 in 20 developers using open source, you can one day be one of the 19 in 20 developers contributing to open source.
Overall Report Summary
About your JDK
7 in 10 developers use the Oracle JDK in production
2 in 10 developers use OpenJDK in production
8 in 10 developers are on Java SE version 8 in production.
1 in 10 developers have migrated to version 9 or higher
Almost 3 in 10 developers don't know how to handle the new Java release cadence
Over 3 in 10 developers plan to only stay on the LTS releases of Java
Only 1 in 10 developers plan to stay on the latest version of Java
Almost 5 in 10 developers are on Java EE 7 or 8
Java EE 7 is still the most popular Enterprise version of Java with almost 3 in 10 developers using it
9 in 10 JVM developers use Java
Kotlin edges past Groovy and Scala in language usage on 2.42%
About your Tools
9 in 20 developers now use IntelliJ IDEA
6 in 10 developers use Maven to build their main project
Over 7 in 10 developers still don't use static security tools
Almost 6 in 10 developers use Jenkins in CI
Almost 3 in 4 developers use Git as their SCM
GitHub, BitBucket and GitLab take an almost even share of the code repository market
Almost 8 in 10 developers use JUnit
About your platform
Over 6 in 10 developers who use cloud platforms deploy on AWS
Over 4 in 10 developers use Containers
Over 4 in 10 developers use no CD tools whatsoever
About your application
Almost 6 in 10 developers also have front-end JavaScript in their application
Almost 1 in 4 developers also use Node in their application
4 in 10 developers use Spring Boot
Over 1 in 2 developers use Hibernate in their applications
Almost 3 in 10 developers use Oracle Database in production
4 in 10 developers use Tomcat in production
1 in 4 developers have no idea how many OS dependencies their application brings in
19 in 20 developers use open source dependencies in their application
About your processes
1 in 10 developers release their code multiple times a day
Half of developers don't have their codebases audited
There's more to this report! Which section do you want to read next?
JVM Ecosystem report 2018 - About your Platform and Application
JVM Ecosystem report 2018 - About your processes and you