New data from ecosyste.ms drops a hard truth: almost 60% of 11.8M open source projects are solo acts. Even among npm packages topping 1M monthly downloads, about half still rest on one pair of hands.
The world runs on open source. But the scaffolding seems shakier than anyone wants to admit—millions rely on code maintained by lone developers, many juggling it on top of everything else.
Why it matters: Supply chain risk isn’t just where the code comes from. It’s who shows up to fix it when things break. Right now, that’s usually one person.