All the latest UK technology news, reviews and analysis
|
|
|
23 Sep 2009
Coverity, which offers software integrity scanning services, released its latest report on open source projects' code quality today.
It details the results of years worth of studies, talks with the community, and collaboration with the US Department of Homeland Security. The good news is that open source quality is steadily getting better.
Running since 2006, Coverity Scan has analysed more than 60 million lines of code on a recurring basis from more than 280 popular open source projects such as Firefox, Linux and PHP - some 26,181 individual project analysis runs.
It found that overall the quality of open source code has been improving, thanks in part to programmers referring to previous scan results and acting accordingly. More than 11,200 defects discovered in open source programs have been eliminated as a result of using its Scan web site since 2006, Coverity said.
Developers who want to check the integrity of their code can submit it to the Coverity static scan and wait for the results. In 2006 the scan found roughly one defect per 3,333 lines of code, while this year the metric has improved by 20 per cent to approximately one defect per 4,000 lines of code.
Using a static scan makes it easier to repeat the same studies in the same environment, according to Coverity.
Results are reported using a 'scan ladder' to apply a scale of integrity to code and award a position on higher rungs to improving projects.
There are three rungs - 36 of the projects scanned are on Rung 2 and 144 projects are on Rung 1. The highest rung, Rung 3, contains just four projects - Samba, TOR, OpenPAM and Ruby. The company described these as " outstanding examples of high-integrity software", and applauded them for their nightly builds, continuous integration, unit tests and regression tests.
Common coding mistakes still persist and Coverity said that these were NULL pointer deferences, which appeared in almost a third of all programs, resource leaks, and unintentionally ignored expressions.
Latest stories from Developer
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Systems Analyst - Project Lead - Chelmsford, Essex...
Windows Systems Engineer (Windows Log File, Syslog) learn...
Role: MVC PHP Developer Location: London, Central...
Title: Senior Web Developer / Engineer (HTML, JavaScript...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?