CodeScene explained

CodeScene is a software engineering intelligence platform that combines code quality metrics with behavioral code analysis. It provides visualizations based on version control data and machine learning algorithms that identify social patterns and hidden risks in source code.^[1]

CodeScene offers several features that support software maintainability and evolution within large-scale software development environments. The platform delivers several actionable performance indicators that assist software organizations in identifying risks and bottlenecks. CodeScene’s research team employs an evidence-based approach to validate how these indicators are associated with business-critical variables such as development velocity and defect density.

The platform uses its Code Health metric to evaluate the maintainability of source code. Another significant feature is the concept of hotspots which are areas of code that are frequently modified. This concept is inspired by geographic profiling a technique used in criminal investigations, which is reflected in the naming of CodeScene.

By focusing on improving Code Health in hotspots, CodeScene aims to assist software development organizations in prioritizing technical debt mitigation. This approach is intended to enhance the maintainability and quality of software projects.

History

CodeScene is based on the ideas from the book Your Code As A Crime Scene: Use Forensic Techniques to Arrest Defects, Bottlenecks, and Bad Design in Your Programs^[2] by CodeScene's founder Adam Tornhill.

The first version of CodeScene was released in 2016,^[3] and the current version is 6.5 which comes with auto-generated PDF reports, architectural code health metrics, quality gates for build pipelines, and can put costs on hotspots.^[4]

In January of 2021, CodeScene raised from Inventure and Luminar to expand its business.^[5] In August of 2023, CodeScene also raised €7.5 Million in a financing round led by Neqst.^{[6] [7]}

Overview

CodeScene measures code quality using its Code Health metric. Code Health focuses on how cognitively difficult it is for human developers to comprehend a piece of source code. The metric aligns with the mindset that the best strategy for gauging code quality is to aggregate a set of specific complexity attributes.^[8] CodeScene parses source code to identify the presence of established code smells, e.g., ‘’God Class’’, ‘’God Methods’’, and ‘’Duplicated Code’’. The presence of code smells is combined into a numeric value between 1 and 10. The lower end represents extremely poor maintainability, and the upper end indicates top-notch code that is easy to maintain. CodeScene categorizes files into one of three sub-intervals: healthy (9 or higher), warning (between 4 and 9), and alert (lower than 4).

CodeScene includes support for the following programming languages:C, C++, C#, Java, Groovy, JavaScript, TypeScript, Objective-C, Scala, Python, Swift, Go, Kotlin, Visual Basic .Net, PHP, Perl 5, Dart, Erlang, Ruby, React, ECMAScript, Vue.js, Rational Software Architect Models, Clojure, PowerShell, TCL, Apex, Elixir, Rust and BrightScript.^[9]

The Software as a service version of CodeScene is available for free for open source projects.^[10] CodeScene is also available in an on-premise version that includes more advanced features like continuous integration support, Jira integration for cost calculations, and on- and off-boarding simulations.

Scientific research and impact

CodeScene is grounded in empirical software engineering research. The company is an active contributor to the academic community through its publication of research articles, organization of academic events, and participation in peer-review service. Examples of large research collaborations supported by publicly funded projects include the European Eureka ITEA3 TESTOMAT project, the Vinnova-backed competence center NextG2Com, and the SESAM project funded by the Swedish Knowledge Foundation.

The majority of academic research concerning CodeScene has concentrated on the validation of its Code Health metric. This metric has been extensively studied to assess its efficacy in identifying software maintainability issues. The research mission at CodeScene aims to frame source code quality as a business concern, not just a technical aspect. The primary research method used by CodeScene is mining software repositories using anonymous log files from static program analysis of proprietary projects. This approach contrasts with the majority of software engineering mining studies, which typically rely on open-source software repositories.

Example findings from empirical studies of CodeScene include:

• Significant differences exist between files with low and high Code Health. Files with alert-level Code Health contain 15 times more defects than healthy files. Moreover, resolving issues in alert-level code requires, on average, 124% more development time, and issue resolutions in such code are plagued by uncertainty as they involve nine times longer maximum cycle times.^[11]
• A software development organization's value creation varies across the Code Health spectrum, with strong nonlinearities at the extremes of the spectrum. This study, which received the best paper award at the International Conference on Technical Debt in 2024, indicates that the return on investment for code refactoring is amplified in the upper end of Code Health.^[12]
• Project newcomers are particularly challenged when working with alert-level source code, requiring 45% more time for small changes and 93% more time for large changes in low-quality source code. This finding highlights the additional challenges faced by newly onboarded developers in environments burdened by technical debt.^[13]
• There is a strong correlation between Code Health and the total number of security vulnerabilities. This study was conducted by independent researchers based in Egypt.^[14]

Reception

CodeScene was featured on the ThoughtWorks Technology Radar^[15] as a social code analysis tool.

CodeScene users report that CodeScene is "The right way to manage technical debt", "A new standard for quality assurance", and provides "Insights like never seen before".^[16]

CodeScene's free version is used to visualize the case studies in Adam Tornhill's book Software Design X-Rays: Fix Technical Debt with Behavioral Code Analysis.^[17]

External links

• CodeScene
• CodeScene Cloud

Notes and References

1. Book: Tornhill . Adam . Assessing Technical Debt in Automated Tests with CodeScene . 2018 . 2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW) . 122–125 . 10.1109/ICSTW.2018.00039. 978-1-5386-6352-3 .
2. Book: Tornhill . Adam . Your Code as a Crime Scene Use Forensic Techniques to Arrest Defects, Bottlenecks, and Bad Design in Your Programs . 2015 . Pragmatic Bookshelf . Raleigh, North Carolina . 978-1680500387.
3. Web site: Tornhill . Adam . CodeScene: The First Three Years . CodeScene AB . 23 October 2018.
4. Web site: CodeScene 4.0: Dawn of a new User Interface . CodeScene AB.
5. Web site: De förutspår felaktig kod med hjälp av ai – tar in 30 miljoner. DiGITAL. 17 January 2021 .
6. Web site: Neqst Investments . Neqst.
7. Web site: CodeScene Raises €7.5 Million in a Financing Round. CodeScene AB.
8. Fenton . N. . 1994 . Software Measurement: A Necessary Scientific Basis . IEEE Transactions on Software Engineering . 20 . 3 . 199–206 . 10.1109/32.268921.
9. Web site: Supported Programming Languages. CodeScene . CodeScene AB . 24 October 2019.
10. Web site: CodeScene Cloud plans . 23 October 2018.
11. Book: Tornhill . Adam . Borg . Markus . Code red: The business impact of code quality - a quantitative study of 39 proprietary production codebases . 2022 . Proceedings of the International Conference on Technical Debt . 11–20 . 10.1145/3524843.3528091. 978-1-4503-9304-1 .
12. Book: Borg . Markus . Pruvost . Ilyana . Mones . Enys . Tornhill . Adam . Increasing, not Diminishing: Investigating the Returns of Highly Maintainable Code . 2024 . Proceedings of the 7th ACM/IEEE International Conference on Technical Debt . 21–30 . 10.1145/3644384.3644471. 979-8-4007-0590-8 .
13. Book: Borg . Markus . Tornhill . Adam . Mones . Enys . U Owns the Code That Changes and How Marginal Owners Resolve Issues Slower in Low-Quality Source Code . 2023 . Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering . 368–377 . 10.1145/3593434.3593480. 979-8-4007-0044-6 .
14. Al-Boghdady . Abdullah . Wassif . Khaled . El-Ramly . Mohammad . 2021 . The Presence, Trends, and Causes of Security Vulnerabilities in Operating Systems of IoT's Low-End Devices . Sensors . 21 . 7 . 2329 . 10.3390/s21072329. free . 33810605 . 8037610 . 2021Senso..21.2329A .
15. Web site: Social code analysis . Thoughtworks Tech Radar . Thoughtworks, Inc. . 23 October 2018.
16. Web site: CodeScene Reviews and Pricing . Capterra . 24 October 2019.
17. Book: Tornhill . Adam . Software Design X-Rays: Fix Technical Debt With Behavioral Code Analysis . 2018 . Pragmatic Bookshelf . Raleigh, North Carolina . 978-1680502725.