Sonatype’s 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.