Coverity Report: Open Source Code Quality Matches Proprietary

by Ostatic Staff - Feb. 27, 2012

Coverity is out with its 2011 Open Source Scan Integrity report. For years now, the company has performed detailed analyses of most major and many small open source platforms and applications, producing a lot of notable data on how projects are finding audiences, and how reliable various platforms and applications are. Here are some of the details from the latest report.

Coverity's Scan report is based on static analysis of the actual source code of open source projects, not on surveys or self-reporting. This year's report involved scanning more than 300 million lines of code. Linux 2.6, PHP 5.3, and PostgreSQL 9.1 all emerged as very reliable from a code integrity perspective, although even they have some defects.

Here are other key findings from Coverity:

"-- Open source code quality is on par with proprietary code quality, particularly in cases where codebases are of similar size. For instance, Linux 2.6, a project with nearly 7 million lines of code, has a defect density of .62 which is roughly identical to that of its proprietary codebase counterparts.

-- Organizations that make a commitment to software quality by adopting development testing as a part of their development workflow, as illustrated by the open source and proprietary codebases analyzed, reap the benefits of high code quality and continue to see quality improvements over time."

"The line between open source and proprietary software will continue to blur over time as open source is further cemented in the modern software supply chain," Zack Samocha, Coverity Scan Project Director, said in a statement. "Our goal with Scan is to enable more open source projects to adopt development testing as part of their workflow for ongoing quality improvement, as well as further the adoption of open source by providing broader visibility into its quality."