Case Study: NGINX achieves high code quality and 0.02% defect density with Synopsys Coverity Scan

Helping Developers Ensure Code Quality and Security With Coverity Scan

NGINX Open Source is a high‑performance web server used by hundreds of millions of sites, including Netflix, Hulu, Pinterest, and GitHub, and includes related projects like njs and NGINX Unit. Because NGINX often serves as an internet front end, the team needed to ensure exceptional security and stability across its codebase and integrated static analysis into their CI/CD pipeline, submitting builds daily to catch defects early.

To address this, NGINX uses Coverity Scan, Synopsys’ static-analysis service for open source projects, to automatically detect and prioritize coding defects. In a January 2021 scan Coverity analyzed 658,665 lines of code, identified several issues including two CWE Top 25 defects, and helped NGINX maintain a defect density of just 0.02%, demonstrating the value of routine static analysis.

NGINX

Igor Sysoev

Software’s Author and Cofounder