About fifteen years ago, software developers used very little open source software and instead tended to write most or all of the software themselves. By comparison, today the majority of the software components that comprise an application are written by others. In today's software development field, software components created by others are used much more than ever before, and this trend is increasing.
As a result, today's developers have, in effect, delegated the responsibility for quality to the open source community. A popular belief with regard to open source software components is that the software component must be good because numerous developers are looking at it. This, however, is a faulty assumption. Sometimes open source software has many issues.
The developers, moreover, have little visibility and understanding of the open source software components which they are using. The available tools for software development makes it easy to use open source, but the tools do not make it easy to understand the open source and its possible issues. Compounding the lack of visibility and understanding is the fact that software from the open source realm tends to depend on other open source elements.
A software repository is a known technique to provide developers with a convenient collection of re-used and re-usable software components, whether open source or otherwise. In other words, a software repository provides a storage of components which the software developers will use.
A conventional repository manager can be used as a central point of storage and exchange for software component usage. For example, a conventional repository manager provides the ability to proxy a remote repository and to cache components into a local repository, to save bandwidth and time required to repeatedly retrieve a software component from a remote repository. The ability to host a local repository provides an organization with a convenient collection of software components used by the organization. Nevertheless, the problem with visibility and understanding of the software components remains.