How to use the Sonar Cloud toolset

How to use the Sonar Cloud toolset

In software development, keeping code quality high is crucial for the success and longevity of any project. SonarCloud is a useful tool for developers to evaluate and improve code quality. It offers a detailed analysis of different code metrics, helping teams spot problems and areas that need improvement. Two of the most important metrics are Maintainability and Complexity. In this post, I’ll explore why these metrics matter, how they are calculated, and how they affect your project’s health and performance.

SonarCloud metrics that you should pay attention to

All gathered metrics of scanned projects can be found on the project page in the Measures section

Here are 9 categories of metrics that have been collected by the sonar scanner. The most valuable for us is Complexity and Maintainability

Maintainability

This metric shows us how maintainable our code is; it’s necessary to understand if support and extension of our application are expensive. SonarCloud calculates maintainability as the total amount of technical debt according to the SQALE model.  The SonarCloud calculates a maintainability rating that applies to the percentage of debt ratio metric. This is the ratio between the cost to develop the software and the cost to fix it. The Technical Debt Ratio formula is:

Remediation cost / Development cost

Which can be restated as:

Remediation cost / (Cost to develop 1 line of code * Number of lines of code)

The cost of developing a line of code is 0.06 days.

SonarCloud, in most cases, tracks only issues related to code smells that match the rules declared in settings and does not find all design issues and some memory leaks, so these should be found in the manual code review.

You definitely track technical debt on your project, but you probably can’t calculate its total impact and how much time you will need to pay it down. This metric would be useful for you, and you can track the history of debt changes. 

The maximum accepted size of tech debt is up to a specific project, but I recommend keeping your code clean and trying to reduce it to 0. However, in a real environment, this is impossible because some features are developing under time or other pressure, and some technical debt could be deliberate.

We’d like to point out that existing technical debt makes an impact on the cost of changes and makes development more expensive and longer.

Complexity

Complexity is another valuable category of metrics that you should pay attention to. Extra complexity impacts code readability and performance. I would like to point out cognitive complexity as an advanced view of overall code complexity and a metric that displays a clearer picture of how complicated your code is, what issues you could face in supporting and extending it, and what parts of code could affect your application’s performance.

Experts from the SonarSource team recommend that the recommended maximum on the method level is 15. At the class level, it depends on what you expect in the package. For instance, in a package that should only hold classes with fields and simple getters or setters, a class with a Cognitive Complexity over 0 (5? 10?) probably deserves another look. On the other hand, in a package that holds business logic classes, a class score >= … 150(?) might indicate that it’s time to look at splitting the class. However, the recommended maximum could not be specified because it depends on the application’s purposes.

In conclusion, understanding and monitoring the Maintainability and Complexity metrics provided by SonarCloud is essential for any development team aiming to produce high-quality, maintainable, and efficient code. By keeping an eye on your project’s technical debt and cognitive complexity, you can make informed decisions that will reduce future costs, enhance performance, and improve overall code readability. Although it’s challenging to eliminate technical debt entirely, striving for minimal debt and manageable complexity will lead to more robust and adaptable software. Remember, investing time in code quality today can save significant resources and headaches in the future.

vovando Avatar

Leave a Reply

Your email address will not be published. Required fields are marked *