Coverity Report on Code Quality: Open Source vs. Proprietary Code

Dogbiscuit · May 7, 2013

The study found that open source projects have an average of .68 defects per 1,000 lines of code, while proprietary projects have about .69 defects per 1,000 lines. But when projects were compared based on the total number of lines, some intriguing differences emerged.

Open source projects with 500,000 to 1 million lines of code had, on average, .44 defects per 1,000 lines of code. Proprietary projects in the same range had .98. But opens source projects with over one million lines of code had .75 defects per 1,000 lines. Proprietary projects in the same range had only .66.
Click to expand...

http://www.wired.com/wiredenterprise/2013/05/coverity-report/

Wild Hunter · May 7, 2013

Completely expected IMO.

And btw, the article inverted the average data. See the Coverety table for the right comparison.

Mman79 · May 7, 2013

In other words it's saying exactly what a good many people have known all along. Open source doesn't always mean better.

Mrkvonic · May 7, 2013

Or the report is random. Bollocks.
Meaningless information.

You can take any group and look for common things.
Does this imply anything? Maybe. Maybe not.

What does a defect mean?
How does it bear?
User space/kernel code? Drivers?
Impact?
Time to fix?
Detection method?

WHAT IS THE STANDARD ERROR!

This is the most important part missing.
If the error is say 0.42, then all of the data is meaningless.

This is what happens when you give math to people who measure success in the number of clicks.

Mrk

Nebulus · May 7, 2013

Wait, wait... so programmers make the same number of mistakes on average if they work for a close-sourced project or an open-source project? Shocking!

safeguy · May 7, 2013

Only 13 projects were over the 1 million mark, but the average size of the open source projects Coverity analyzed was 580,000 lines in 2012, up from 425,179 in 2008.
Click to expand...

-> The average for open-source projects have 500,000 to 1 million lines of code.

Open source projects with 500,000 to 1 million lines of code had, on average, .44 defects per 1,000 lines of code. Proprietary projects in the same range had .98.
Click to expand...

-> That's a .54 difference in average.

Compare these 2 and tell me what you infer from the results

Dogbiscuit · May 7, 2013

From the report:

For those not familiar with the Coverity Scan™ service, it began as the largest public-private sector research project in the world focused on open source software quality and security. Initiated in 2006 with the U.S. Department of Homeland Security, Coverity now manages the project, providing our development testing technology as a free service to the open source community to help them build quality and security into their software development process.
Click to expand...

Our mission with the Coverity Scan service is to help further the adoption of open source software by providing open source projects with an opportunity to build code quality and security into their development process in the same way as commercial projects. We continually learn from our commercial customers and are building this knowledge into our technology—from improved accuracy to ease-of-use in the development workflow—to bring these best practices to the open source community.
Click to expand...

Based on the millions of lines of open source code we have scanned over the past seven years, we have become an authority on the state of open source software quality. Our aim is to provide the industry with an objective industry standard that commercial projects can use to assess open source software quality, and ultimately increase the adoption of open source.
Click to expand...

Log in or Sign up

Coverity Report on Code Quality: Open Source vs. Proprietary Code

Dogbiscuit Guest

Wild Hunter Former Poster

Mman79 Registered Member

Mrkvonic Linux Systems Expert

Nebulus Registered Member

safeguy Registered Member

Dogbiscuit Guest

Log in or Sign up

Coverity Report on Code Quality: Open Source vs. Proprietary Code

Dogbiscuit Guest

Wild Hunter Former Poster

Mman79 Registered Member

Mrkvonic Linux Systems Expert

Nebulus Registered Member

safeguy Registered Member

Dogbiscuit Guest

Useful Searches