Is open-source software less error-prone than closed-source software, or does disclosing the code instead lead to more vulnerabilities being detected and exploited?

Disclosing source code supports “community reviews”. However, only the experts within the “community” are helpful. Even open-source software does not eliminate the need for good test coverage: tests and reviews complement each other. Often, both source code and tests are provided for open-source software. Nevertheless, without code coverage measurement, one can only guess and hope that these tests cover all relevant areas. Yet hope is not a strategy on which the success of a software development project should rest. Thus, when using the valuable resource “open-source software”, one cannot do without tests that check test coverage.
