The biggest problem facing software organizations today is an inability to track, monitor, and improve the usage of open source software. This isn’t about security alone. From DevOps to DevSecOps, there are fundamental principles that the best development teams use to guide open source software consumption. Many of these best practices come from traditional manufacturing, which is the focus of the paper, “Driving Software Recalls: Manufacturing Supply Chain Best Practices for Open Source Consumption” from the research of Sonatype's Office of the CTO, Open Source Strategy, Policy, and Regulation in partnership with Atlantic Council’s Open Source Policy Network and Digital Forensic Research Lab (DFRLab).