Skip to main content

JVM Ecosystem report 2018 - About your processes and you

Written by:
Andrew Binstock

Andrew Binstock

October 17, 2018

0 mins read

Welcome to the largest survey ever of Java developers. The data presented in the following report was taken from more than 10,200 questionnaires. If you were one of those survey-takers, many thanks to you for putting aside the time to share your experience for the benefit of others.This report is split across four posts:

  1. JVM Ecosystem report 2018 - About your JDK

  2. JVM Ecosystem report 2018 - About your Tools

  3. JVM Ecosystem report 2018 - About your Platform and Application

  4. JVM Ecosystem report 2018 - About your processes and you

We also have a lovely handcrafted pdf report which contains all of this information in one downloadable place.

DOWNLOAD THE JVM ECOSYSTEM 2018 REPORT!

About your Processes

25. How often do you release new versions of your code?

Worryingly, almost 1 in 4 respondents (24%) don’t know how often their code is released! This again might be due to the complexity of the application and perhaps different services are being released at various times.Almost 1 in 10 respondents are brave enough to release multiple times a day, but then again, when you release that often, bravery is replaced with consistency. The majority of respondents release once every couple of weeks to once a month. More than 1 in 10 respondents release once every six months or less. Better clear my plans for the week, we’re releasing on Monday.

blog/how-many-times-do-you-release-your-application

26. How often do you audit your code?

About half the sites audit their code. And only almost 1 in 4 do so more than once a quarter. Whether the audit be for security, performance or quality it’s good to have a clear out. With half of the respondents not auditing their code whatsoever, just imagine the gremlins that could exist in those codebases!

code-audits

About You

27. Where do you do your development work?

Not much to say here, other than we expected more respondents to come from North America. Perhaps they’ve lost all confidence in voting all together! It’s great to see representation from all corners of the globe. Hmmm, do globes have corners?

blog/where-do-you-develop-your-code

28. How would you describe yourself?

We can see the vast majority of respondents are technical with 87% either being developers, team leaders, or architects. More than half state they are software developers. And 2% of C-level respondents took the time out of their schedules to take our quiz.

blog/what-is-your-job

29. How do you rank your security expertise?

Security is often considered one of the dark arts. Many developers learn only ‘just enough’ to get by and allow them to deliver their feature work, meaning the real experts are those who have a dedicated security career. As developers are owning more and more application security responsibility being owned by developers, this is becoming a hot topic. In our survey,1% of respondents state they have zilch, none, zero out of ten security knowledge and are just happily writing their struts applications. Ok, we made that last bit up. The same number state they are true security experts, and modestly gave themselves 10 out of 10. The majority sit around the 5-7 mark with 6 in 10 respondents stating they’re no expert, but certainly not novices.

blog/how-do-you-rate-your-security-expertise

30. How old are you?

Programming remains a profession associated with the young and early middle-aged. 38% of readers are younger than 35, 35% are between 35 and 45, and only 25% are older than that. Survey data shows a correlation between positions of greater responsibility and age, suggesting that the lower numbers after middle age are in part due to programmers moving into management positions.

blog/how-old-are-you

31. How many years of paid professional experience with Java do you have?

There was quite a range of experience among our respondents as you can see from the graph, but we wanted to also look at the median ages of our job roles back from question 28, to see when people typically receive promotions. The results are very interesting, with the median developer having 10 years’ experience, team leaders 11 years’ experience, architects with 14 years, and finally C-levels with 12 years’ experience.

blog/how-many-years-of-experience-in-java-do-you-have

32. What is the size of your company?

With almost 40% of respondents working for companies that have less than 100 employees, we see that Java continues to have a significant role in startups and in small-to-medium businesses. This finding is at odds with the perception of Java being the language for enterprise apps. It is that, certainly, but definitely not only that.

blog/how-big-is-your-company

33. Where do you principally get information about Java online?

StackOverflow remains the preferred forum for asking one-off questions and grepping replies to previous answers for useful information. Oracle’s excellent documentation is a natural place for reference. Java Magazine presents long-form, in-depth articles for readers wishing to fully understand a topic, and YouTube does the equivalent in video form. DZone and to a lesser extent InfoQ overlap all these areas. (Respondents could choose multiple answers.)

blog/where-do-you-get-your-java-knowledge

34. Are you a member of a Java User Group (JUG)?

JUGs remain an underused resource in the community with only 1 in 5 developers attending one meeting a year. The overwhelming two-thirds of respondents are not members of any JUG whatsoever. If geography is a factor for those developers, the Virtual Java User Group is an excellent solution.

blog/are-you-a-member-of-a-jug

35. How much do you contribute to open source?

Open source remains what it has primarily been from the start: the domain of a small minority of dedicated developers. The existence of GitHub and other easily accessible code repositories has helped developers to contribute their code, but with more than 1 in 2 developers never having contributed to an open source project, there’s still a lot of work to be done. You should want to contribute back so that rather than just being one of the 19 in 20 developers using open source, you can one day be one of the 19 in 20 developers contributing to open source.

blog/how-much-do-you-contribute-to-open-source

Overall Report Summary

About your JDK

  • 7 in 10 developers use the Oracle JDK in production

  • 2 in 10 developers use OpenJDK in production

  • 8 in 10 developers are on Java SE version 8 in production.

  • 1 in 10 developers have migrated to version 9 or higher

  • Almost 3 in 10 developers don't know how to handle the new Java release cadence

  • Over 3 in 10 developers plan to only stay on the LTS releases of Java

  • Only 1 in 10 developers plan to stay on the latest version of Java

  • Almost 5 in 10 developers are on Java EE 7 or 8

  • Java EE 7 is still the most popular Enterprise version of Java with almost 3 in 10 developers using it

  • 9 in 10 JVM developers use Java

  • Kotlin edges past Groovy and Scala in language usage on 2.42%

About your Tools

  • 9 in 20 developers now use IntelliJ IDEA

  • 6 in 10 developers use Maven to build their main project

  • Over 7 in 10 developers still don't use static security tools

  • Almost 6 in 10 developers use Jenkins in CI

  • Almost 3 in 4 developers use Git as their SCM

  • GitHub, BitBucket and GitLab take an almost even share of the code repository market

  • Almost 8 in 10 developers use JUnit

About your platform

  • Over 6 in 10 developers who use cloud platforms deploy on AWS

  • Over 4 in 10 developers use Containers

  • Over 4 in 10 developers use no CD tools whatsoever

About your application

  • Almost 6 in 10 developers also have front-end JavaScript in their application

  • Almost 1 in 4 developers also use Node in their application

  • 4 in 10 developers use Spring Boot

  • Over 1 in 2 developers use Hibernate in their applications

  • Almost 3 in 10 developers use Oracle Database in production

  • 4 in 10 developers use Tomcat in production

  • 1 in 4 developers have no idea how many OS dependencies their application brings in

  • 19 in 20 developers use open source dependencies in their application

About your processes

  • 1 in 10 developers release their code multiple times a day

  • Half of developers don't have their codebases audited

There's more to this report! Which section do you want to read next?

  1. JVM Ecosystem report 2018 - About your JDK

  2. JVM Ecosystem report 2018 - About your Tools

  3. JVM Ecosystem report 2018 - About your Platform and Application

  4. JVM Ecosystem report 2018 - About your processes and you

DOWNLOAD THE JVM ECOSYSTEM 2018 REPORT!

Level Up Your CI/CD Pipelines

See how these 8 tips can help you catch security issues in the pipe BEFORE you push to production ⭐️