I’m a huge proponent of open source software. I’ve always found it to be just as good as proprietary software that I would have to pay an arm and a leg for. Microsoft Word? Ha, I use Open Office. iTunes? An even bigger jovial laugh, as I use foobar.
Anyway, Coverity released the results of their 2011 Coverity Scan Open Source Integrity Report yesterday. The 2011 report is the fifth of its kind; the series was started in 2006 as a joint project between Coverity and the U.S. Department of Homeland Security. The report is now owned and managed by Coverity.
The results were obtained through a large scan of the code found in open source and proprietary software. The scan is used to find new and existing defects in software code. The 2011 scan covered more than 37 million lines of open source code. The scan also reported on over 300 million lines of code from proprietary software.
The key findings from the scan include:
Over 37 million lines of code from forty-five of the most active open source projects in Scan were analyzed. The average open source project in Scan has 832,000 lines of code. The average defect density, or the number of defects per thousand lines of code, across open source projects in Scan is .45.
Over 300 million lines of code from forty-one proprietary codebases of anonymous Coverity users were analyzed. The average proprietary codebase has 7.5 million lines of code. The average defect density for proprietary codebases of Coverity users is .64.
Both open source code quality and proprietary code quality, as measured by defect density, are better than the average for the software industry, which is a defect density of 1.0.
Linux 2.6, PHP 5.3, and PostgreSQL 9.1 are recognized as open source projects with superior code quality and can be used as industry benchmarks, achieving defect densities of .62, .20, and .21 respectively.
Open source code quality is on par with proprietary code quality, particularly in cases where codebases are of similar size. For instance, Linux 2.6, a project with nearly 7 million lines of code, has a defect density of .62 which is roughly identical to that of its proprietary codebase counterparts.
Organizations that make a commitment to software quality by adopting development testing as a part of their development workflow, as illustrated by the open source and proprietary codebases analyzed, reap the benefits of high code quality and continue to see quality improvements over time.
As the findings point out, the quality gap between open source and proprietary software is now closed. It’s pretty impressive what a bunch of people who are passionate about what they do can accomplish. The complexity and maturity of Mozilla Firefox as a browser is testament to what open source can accomplish.
If you want to read the full report, register for a copy here.
[Lead image courtesy of James Roper]