The state of open source integrity is pretty good
While I was writing, Coverity was hitting my inbox with its annual Coverity Scan Open Source Report, an annual analysis of the integrity of open source software. (You can get the full report here.)
The results were pretty good. The "density" of open source defects has been cut 16% in just three years. We're talking here of popular open source programs such as Firefox, Linux, PHP, Ruby and Samba, for both consumer and business markets.
The Coverity Scan service has identified over 11,200 defects, which have since been fixed, since 2006. Some 180 programs are now in the program.
Coverity uses a system of "rungs" to rank the integrity of programs, and says open source is moving up the rungs smartly. OpenPAM, Ruby, Samba and tor are the first open source programs to make it to Rung 3, the company said.
Coverity is also collecting comments on the scan at its blog.
It is often assumed, in the proprietary world, that old software is stale software. It gets stale in terms of sales, and the development effort can decline with time, as its owner moves on to other projects that make more money. Old products become different products, and old versions are forgotten.
The Coverity Scan effort, and the work of projects to support it, proves this is not the case in the open source world. Older software can be better software, just like older writers can be better with experience.