{"id":9625,"date":"2017-12-21T02:31:47","date_gmt":"2017-12-21T02:31:47","guid":{"rendered":"http:\/\/abstracta.us\/blog\/?p=9625"},"modified":"2025-05-05T21:20:39","modified_gmt":"2025-05-05T21:20:39","slug":"code-analysis-part-1-know-technical-debt","status":"publish","type":"post","link":"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/","title":{"rendered":"Code Analysis Part 1: What You Should Know About Technical Debt"},"content":{"rendered":"<p><!-- Go to www.addthis.com\/dashboard to customize your tools --><script src=\"\/\/s7.addthis.com\/js\/300\/addthis_widget.js#pubid=ra-58d80a50fc4f926d\" type=\"text\/javascript\"><\/script><\/p>\n<h1><span style=\"font-weight: 400;\">In part one of this three-part series on code analysis, we explore technical debt and the means for tackling it<\/span><\/h1>\n<p><span style=\"font-weight: 400;\">Code quality is often said to be an internal attribute of quality since the user never lays eyes on it. But, there comes a time when this attribute of quality goes from being internal to external, which happens precisely when the code must be changed, yet it takes much longer than it should and so, the user suffers while they wait. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">In order to guarantee correct code quality, you can use different static code analysis tools, such as <\/span><a href=\"https:\/\/www.federico-toledo.com\/alternativas-para-ejecutar-sonarqube\/\"><span style=\"font-weight: 400;\">SonarQube<\/span><\/a><span style=\"font-weight: 400;\">, <\/span><a href=\"https:\/\/www.codacy.com\/public\/jasondobry\/js-data-angular\/dashboard\"><span style=\"font-weight: 400;\">Codacy<\/span><\/a><span style=\"font-weight: 400;\">, <\/span><a href=\"https:\/\/www.kiuwan.com\/\"><span style=\"font-weight: 400;\">Kiuwan<\/span><\/a><span style=\"font-weight: 400;\">, etc. Among the checks on code quality that they carry out are:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Duplicate code<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Lack of unit tests, lack of comments<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Spaghetti code, cyclomatic complexity, high coupling<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Size of source files<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Size of methods<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Not conforming to code standards and conventions<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Known security vulnerabilities<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">These tools allow for automatic static analysis of source code, looking for patterns with errors, bad practices or incidents. In addition, many of them are capable of <\/span><b>calculating a metric known as \u201ctechnical debt.\u201d<\/b><\/p>\n<h2><span class=\"ez-toc-section\" id=\"What_is_Technical_Debt\"><\/span><strong><span style=\"color: #00b674;\">What is Technical Debt?<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The concept of <\/span><b>technical debt<\/b><span style=\"font-weight: 400;\"> is an analogy to explain something as complex as the need to do &#8220;refactoring&#8221; or why invest in the &#8220;code quality.&#8221; When coding under pressure and with the need to deliver something quickly, often times, many good practices, like unit tests, etc. go by the wayside. When they do, it is said that you are acquiring a debt with the software: Today I release the software without having done all these quality practices, and then I am left with the debt of doing them at some point in the future (when I finally have time). <\/span><\/p>\n<p>[tweet_box design=&#8221;default&#8221; float=&#8221;none&#8221;]<span style=\"font-weight: 400;\">The problem associated with technical debt is that, like any debt, <\/span><i><span style=\"font-weight: 400;\">it accrues interest.<\/span><\/i>[\/tweet_box]<i><\/i><\/p>\n<p><span style=\"font-weight: 400;\">When the developer is finally ready to pay that debt, he or she will have to take the time to get back into the mind frame they had when they were developing that functionality. Thus, in the end, the developer will have invested more time going back, tweaking the code than if they had just developed using good practices in the first place when all was fresh in their mind. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">That is why you want to identify any problem in the code quality as soon as possible, in order to pay the debt as soon as possible, without having to pay too much interest.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Technical debt is measured in hours. Code analysis tools have a reference table, and depending on the type of incident, they provide an estimation of how much time should be spent to resolve it. By making the weighted sum based on that table, they manage to estimate the number of days and hours that should be invested to be able to pay the debt.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Code analysis tools generally enable us to categorize the incidents detected according to their severity. This is how there will be<\/span><span style=\"font-weight: 400;\"> issues of blocking, high, medium, and low severity. A strategy can then be established by basing the quality thresholds (also known in some tools as quality gates<\/span><span style=\"font-weight: 400;\">) on the number of issues that are allowed for each category.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To better understand these concepts, it is useful to review the <\/span><a href=\"https:\/\/sonarcloud.io\/projects?sort=-analysis_date\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">SonarQube website<\/span><\/a><span style=\"font-weight: 400;\">. There they have analyzed many open source projects, where you can see what type of incidents are detected, how they are categorized, and what is the resulting calculated technical debt.<\/span><\/p>\n<p><a href=\"http:\/\/abstracta.us\/wp-content\/uploads\/2017\/12\/ejemplo-sonarqube-deuda-t\u00e9cnica-768x465-min.png\"><img decoding=\"async\" class=\"aligncenter wp-image-9629 size-full\" src=\"http:\/\/abstracta.us\/wp-content\/uploads\/2017\/12\/ejemplo-sonarqube-deuda-t\u00e9cnica-768x465-min.png\" alt=\"ejemplo-sonarqube-deuda-t\u00e9cnica-768x465-min\" width=\"768\" height=\"465\" \/><\/a><\/p>\n<p><span style=\"font-weight: 400;\">(In the example I took from the SonarQube site, this project has a debt of 6 days.)<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In the particular case of SonarQube, by defining &#8220;<a href=\"https:\/\/docs.sonarqube.org\/display\/SONAR\/Quality+Gates\" target=\"_blank\" rel=\"noopener noreferrer\">q<\/a><\/span><a href=\"https:\/\/docs.sonarqube.org\/display\/SONAR\/Quality+Gates\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">uality gates<\/span><\/a><span style=\"font-weight: 400;\">&#8221; it is possible to mark acceptable thresholds in the development process, which can be determined based on different metrics. The quality gates definition can also help answer questions such as:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Are there are any new issues that are critical or blocking?<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Is the code coverage of unit tests for the new code greater than 80%?<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Are there more than 10% duplicate lines?<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Are there any known security vulnerabilities?<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You can start by setting flexible thresholds (quality gates), and throughout the project, try to set more stringent targets. For example, you could start by demanding 100% coverage of public methods, and then increase to have 100% of the lines of code.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s important to emphasize that coverage at the code level does not guarantee that the software is bug-free, not even the most demanding one. Sometimes it doesn\u2019t make sense to propose a 100% coverage of the lines of code. This is due to, more than anything, that some code could be generated automatically by a component or tool, and also because not all modules of the system will have the same criticality. In this sense, it\u2019s possible to define different quality gates for different modules. You can also adjust the rules on which the static analysis is based. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Do you have this type of analysis in your delivery pipeline?<\/span><\/p>\n<p>Ready for part two? We share a tutorial for <a href=\"http:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-2-analyzing-code-sonarqube\/\">analyzing code with SonarQube<\/a>!<\/p>\n<hr \/>\n<h2><span class=\"ez-toc-section\" id=\"Recommended_for_You\"><\/span><strong>Recommended for You<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><a href=\"http:\/\/abstracta.us\/blog\/agile-testing\/5-benefits-adopting-agile-software-project\/\">5\u00a0 Benefits of Adopting Agile in Your Software Project<\/a><br \/>\n<a href=\"http:\/\/abstracta.us\/blog\/software-testing\/debugging-production-overops\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">Debugging in Production with OverOps<\/span><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In part one of this three-part series on code analysis, we explore technical debt and the means for tackling it Code quality is often said to be an internal attribute of quality since the user never lays eyes on it. But, there comes a time&#8230;<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[469],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v14.0.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Code Analysis Pt 1: What You Should Know About Technical Debt | Abstracta<\/title>\n<meta name=\"description\" content=\"The concept of technical debt is an analogy to explain something as complex as the need to do &quot;refactoring&quot; or why invest in the &quot;code quality.&quot;\" \/>\n<meta name=\"robots\" content=\"index, follow\" \/>\n<meta name=\"googlebot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta name=\"bingbot\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Code Analysis Pt 1: What You Should Know About Technical Debt | Abstracta\" \/>\n<meta property=\"og:description\" content=\"The concept of technical debt is an analogy to explain something as complex as the need to do &quot;refactoring&quot; or why invest in the &quot;code quality.&quot;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog about AI-powered quality engineering for teams building complex software | Abstracta\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/AbstractaQA\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-12-21T02:31:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-05-05T21:20:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/abstracta.us\/wp-content\/uploads\/2017\/12\/what-YOU-NEED-TO-KNOW-ABOUT-TECHNICAL-DEBT-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"560\" \/>\n\t<meta property=\"og:image:height\" content=\"315\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@fltoledo\" \/>\n<meta name=\"twitter:site\" content=\"@AbstractaUS\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/abstracta.us\/blog\/#website\",\"url\":\"https:\/\/abstracta.us\/blog\/\",\"name\":\"Blog about AI-powered quality engineering for teams building complex software | Abstracta\",\"description\":\"AI-powered quality engineering\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/abstracta.us\/blog\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"http:\/\/abstracta.us\/wp-content\/uploads\/2017\/12\/ejemplo-sonarqube-deuda-t\\u00e9cnica-768x465-min.png\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/#webpage\",\"url\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\",\"name\":\"Code Analysis Pt 1: What You Should Know About Technical Debt | Abstracta\",\"isPartOf\":{\"@id\":\"https:\/\/abstracta.us\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/#primaryimage\"},\"datePublished\":\"2017-12-21T02:31:47+00:00\",\"dateModified\":\"2025-05-05T21:20:39+00:00\",\"author\":{\"@id\":\"https:\/\/abstracta.us\/blog\/#\/schema\/person\/7421e539de0357d3adb0c69ed469a1c2\"},\"description\":\"The concept of technical debt is an analogy to explain something as complex as the need to do \\\"refactoring\\\" or why invest in the \\\"code quality.\\\"\",\"breadcrumb\":{\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/abstracta.us\/blog\/\",\"url\":\"https:\/\/abstracta.us\/blog\/\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/\",\"url\":\"https:\/\/abstracta.us\/blog\/software-testing\/\",\"name\":\"Software Testing\"}},{\"@type\":\"ListItem\",\"position\":3,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\",\"url\":\"https:\/\/abstracta.us\/blog\/software-testing\/code-analysis-part-1-know-technical-debt\/\",\"name\":\"Code Analysis Part 1: What You Should Know About Technical Debt\"}}]},{\"@type\":[\"Person\"],\"@id\":\"https:\/\/abstracta.us\/blog\/#\/schema\/person\/7421e539de0357d3adb0c69ed469a1c2\",\"name\":\"Federico Toledo, Chief Quality Officer at Abstracta\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/abstracta.us\/blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6de7ec6536c4028b5c02ad4ec1b9af0d?s=96&d=blank&r=g\",\"caption\":\"Federico Toledo, Chief Quality Officer at Abstracta\"},\"description\":\"Co-founder and COO of Abstracta\",\"sameAs\":[\"https:\/\/twitter.com\/fltoledo\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/posts\/9625"}],"collection":[{"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/comments?post=9625"}],"version-history":[{"count":20,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/posts\/9625\/revisions"}],"predecessor-version":[{"id":12647,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/posts\/9625\/revisions\/12647"}],"wp:attachment":[{"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/media?parent=9625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/categories?post=9625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/abstracta.us\/blog\/wp-json\/wp\/v2\/tags?post=9625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}