Open source developers make progress in adopting secure practices

No Comments

Secure software development practices are increasingly being adopted by open source software (OSS), and are underscoring the importance of managing OSS risk.

The latest report from development platform Synopsys uses results from the free Coverity Scan static analysis solution to assess the quality of development practices and the overall maturity of the OSS ecosystem.

"Due to the ubiquity of open source and the vital role it plays in virtually all types of software, understanding and managing its risks can no longer be optional," says Andreas Kuehlmann, senior vice president and general manager of the Synopsys Software Integrity Group. "The Coverity Scan Report highlights the progress of some of the most mature and widely used open source projects, and it provides invaluable insights for the broader software community that depends on the integrity of open source."

Since January 2016, 4,117 active projects have submitted builds for analysis. Of those, nearly 50 percent (2,049) use Travis CI, indicating using of continuous integration/continuous deployment (CI/CD) practices. In addition 2,509 projects have been triaged, which requires developers to have intimate knowledge of the codebase. Plus, 1,120 projects were configured to make use of modeling, a mechanism for improving the quality of their analysis results. The adoption of CI/CD and remediation of actionable defects by developers highlights the value of static analysis to the OSS ecosystem and indicates the increasing maturity of OSS projects.

The results also indicate that commercial and OSS ecosystems are converging. According to some of the largest commercial users of Coverity, software shipped to customers can contain up to 90 percent open source code. In addition, there are now companies founded entirely on OSS proving that OSS is now the norm.

You can find out more about the report and Coverity Scan on the Synopsys website. You can also sign up for a live Q&A to discuss the findings to be held on November 8th.

Photo CreditESB Professional / Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

How writing zip support for Windows almost cost its creator his job at Microsoft

Apple AirPlay comes to IHG Hotels and Resorts

Millennials are key targets for phishing

Get 'Applied Machine Learning and AI for Engineers' (worth $67.99) for FREE

Best Windows apps this week

The dynamics of modern Windows device management [Q&A]

Netflix says it will no longer share details of subscriber numbers

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

61 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

12 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.