2017 Coverity Scan Report

Today, open source software (OSS) development is one of the primary driving forces of technological innovation. From artificial intelligence to the Internet of Things, autonomous driving, and cloud computing infrastructure, OSS plays a pivotal role in the evolution of a wide range of technologies.

But what are the implications of its dominance?

To answer this, we review what we’ve learned about OSS over the past 11 years in the 2017 Coverity Scan Report, Open Source Software—The Road Ahead.

What have we learned?

  • +1,100,000 identified defects
  • 760,000,000 lines of code in active projects
  • 600,000 defects fixed
  • 4,600 active OSS projects

Highlights from the 2017 Coverity Scan Report

The Coverity Scan Report includes analysis of approximately 760 million lines of open source code across several languages, including C/C++, C#, Java, JavaScript, Ruby, PHP, and Python. From these findings, we deduced that:

  • Active projects within Scan show significant adoption of secure software development practices.
  • The adoption of CI/CD and remediation of actionable defects by developers highlight the value of static analysis to the OSS ecosystem. 
  • Software shipped to customers can contain up to 90% open source code and some new companies have been founded entirely on OSS—proving that OSS is now the norm.

Only a few developers are required to make a significant change to the OSS ecosystem.