ZDNet Article: Developers fast to fix open-source bugs


News: ZDNet Article: Developers fast to fix open-source bugs

  1. According to "Developers fast to fix open-source bugs," an article on ZDnet, Coverity ran an audit of various open source projects, and developers reduced the number of flaws from 216 to 18 in one week and to zero in two weeks.

    It's interesting to speculate on why the packages were fixed so quickly: was it because the developers had access to the code, or was it because the bugs were filed clearly, or was it due to demand?

    One of the applications was XMMS, which isn't exactly an application that needs to value security highly (if an application can be said to not need security), so the pressure there would be almost entirely in the desire for quality on the part of programmers.

    What do you think? Do you file bug reports routinely on products, and check to see whether they're being worked on? Do you fix such bugs?

    Threaded Messages (12)

  2. Hi folks,

    I have often considered why it is that software folk contribute their time to Open-source projects - and relatedly, what the business case is for these projects.

    Granted, some developers will go on to obtain professional kudos and/or lucrative consultancy opportunities arising from their contributions. However, the relative scarcity of such opportunities is unlikely to account for much of the developer activities in the Open source community.

    I would be fascinated to hear why people contribute so much of their own time to projects that, on the face of it, at least, are unlikely to lead to much in the way of personal gain.

    There are phd's here for some folks, so in the spirit of open source development, here are some contributing ideas from a Psych D Phil (me) turned developer....


    1) The age factor : Hypothesis - younger developers contribute proportionally more of their time - for a start they have more youthful energy (therefore time to expend), and are less likely to have families. Perhaps they are more likely to have the "dream" of being a "name" in software development (a bit like dreaming of being a football or rock star)..

    2) The "community factor": Open source development affords the opportunity of doing good work which may well be appreciated, and endorsed by other members of that particular community. The flip side of this is possibly a sense of personal responsibility for well-intentioned contributions that go wrong (e.g., that lead to a bug or breaks existing features, etc). This would likely generate a motivation to correct the error, or better. My hunch is that much "working for free" behaviour is related to a sense of belonging and responsibility to the community one is engaging with when developing software for an Open source project.

    3) The "it can be done better factor" - having worked with a whole bunch of software developers and architects over the years, I would say there is obviously an intellectual appreciation of what constitutes optimal and suboptimal solutions to a given software problem. Perhaps the existence of suboptimal solutions is a motivation in itself? I am thinking here of the "backlash" against EJB and the emergence of competing frameworks which achieve results in a more intellectually pleasing and fashion. Aesthetic considerations can be included here. I used to work with a great developer who once annotated his own contribution in javadoc with the phrase "this is beautiful code"!

    4) The "I can get something out of this factor" - It seems apparent that some contributors can make a good living out of consultancy on the basis of their contributions. Senior contributors may gain lucrative contracts on the basis of their expertise. Perhaps more significant, technologies that gain momentum among the development community (e.g., Hibernate, Spring, Struts), often start appearing on job advertisements, and being a contributor to such projects may afford well paid job opportunities.

    I would be most interested to hear developers accounts of why they contribute their time so freely. I don't have any personal stake in this other than curiousity.. though I would like to see developers get a fair deal in the software business. Often they don't get that. Usually, it is the sales and managerial staff who make the money. And a lot of them do so on the back of open source projects!

    As a developer who in a previous incarnation wrote papers on organisational psychology, I can say without any doubt that there are a bunch of PHD's awaiting the people who can shed some light on this phenomenon.


    Shaun Dugan
  3. Sorry for typo's[ Go to top ]

    Hi folks,

    Apologies for the typo's relating to my previous post.

    I was not adhering to a cardinal law of writing -

    loop ["read, re-read, correct"].. ad nauseam..

    Still, one has to break out of that loop sometime !


    Shaun Dugan
  4. Hobby[ Go to top ]

    Some people like to build furniture in their spare time, I like to build software. For those building furniture they throw a party for all to see their work. I release as open source.
  5. My limited perspective[ Go to top ]

    From my limited experience over the last 4 years, what I see is that most of the apache developers are not young. In fact, most have kids and are in their 30's.

    Many apache developers work fulltime doing open source and those who don't do it because the tool is useful to them. As for my own reasons. Over the last 9 years, a lot of the work I've done has been contract or consulting, so open source makes me productive. Atleast from my own experience, asking for tools often takes a long time and requires a lot of begging. Using open source tools, I can get working quickly and I can be productive much faster. Say I find a bug in a piece of software. Rather than wait for months for someone else to fix it, I can fix it myself.

    The benefit of helping to make a tool i use better provides a high degree of value to me. Not only do i get deeper experience and a better understanding, it's also a marketable skill. For example, I started using tomcat in 99, but it wasn't until I dove into Tomcat's jasper code that I really started to understand how a servlet container works. The value of diving into JSTL or tomcat code is a lot of fun for me and I do spend a lot of free time reading open source code. Might sound deranged and weird, but I probably spend 10-30 hours a week doing OSS stuff.

    I also work on several other projects, but all them are tools I use on a regular basis. Working on jmeter makes it much easier to write stress and performance test plans. If there wasn't jmeter, I'd have to pay a lot of money to get a license of mercury or some other expensive tool.

  6. Have a look at this paper[ Go to top ]

    A classic in the field - with some reference to the business case for businesses contributing to open source.

  7. Why contribute?[ Go to top ]

    - real techies crave less for money but much for peer-respect. Contributing can earn you lots of "karma".
    - on a CV it can make a difference when you can write that you are a respected committer for an important (famous,...) project. Especially when you are looking for your first job and can report no experience.
    - itching feet. You find a software and use it, it's almost perfect. You make it perfect and give back the changes... and you have contributed... From that moment on it can become an addiction ;-)

  8. Experience[ Go to top ]

    One of the answers mentioned above: experience. Not only the experience for those only starting. For an open mind, the learning is a life-time process. Keeping it short: say you want to get your feet wet in some technology, e.g. JINI. Instead of starting your journey on your own, dive into an open source project, e.g. Rio, look around, get to know people and learn from others, it's that simple.
  9. Hi Shaun,
    I really respect ur ideas,u did a nice job by cosolidating the factors governing the contribution of code and morale to the Open Source community.
    yes , i believe its not the money factor but the"community factor and the can be done factor" that is still driving the open source movement.

    ~ Lokesh
  10. not just urge to contribute[ Go to top ]

    Open Source bugs are much more public than bugs in closed source systems.

    And human nature does not like public mistakes. So people have a greater urge to fix them.
  11. not just urge to contribute[ Go to top ]

    Going back to the original issue, 'why bugs can be fixed quickly?'. My experience as a consumer of open source projects for other software is that since I have the code available I can debug it myself. When it it happens to be a real bug generally I can point to the offending line of code to the developers of the project along with a reason why it's a bug. Thus in these cases the investigation and discovery of the bug has been done the by consumer, me, and not the developer.
  12. Thanks[ Go to top ]

    Thanks guys for your interesting posts regarding personal motivations for open source development! I must get round to contributing myself, when I can find some time! :-)

    best regards,

    Shaun Dugan
  13. many of them are not fixing bugs[ Go to top ]

    If you look at the whole list, there are a few that are fixing rapidly ther rest are not fixing or fixing slowly.

    Lets see how long it takes to fix those 1500 X-windows bugs.