Code integrity explained

Code integrity is a measurement used in the software delivery lifecycle. It measures how high the source code's quality is when it is passed on to QA, and is affected by how thoroughly the code was processed by correctness-checking processes (whether manual or automatic). Examples for such correctness-checking processes can be unit testing and integration testing, code review, test automation, AI-based code analysis etc.[1] Code integrity is the combination of applying code correctness processes (software quality) along with metrics that measure the completeness of these correctness-checking processes, such as, for example, code coverage. While code integrity is usually achieved by unit testing the source code to reach high code coverage, it is definitely not the only way, or the best way, to achieve code integrity. In fact, code coverage, a popular metric to measure the thoroughness of unit tests, is known to have a limited correlation with the measure of real code integrity.[2]

Developer's confidence

Code integrity is not just about the correctness of the code, but also about developers’ confidence regarding correctness of their code. With code integrity, the developer can be sure that his/her code is written correctly when passed on to QA. This is, in fact, the expected quality level of the code. Code integrity helps developers and companies release better products, with fewer bugs, in a shorter time.

Shift-left testing and shift-left code integrity

Companies who practice code integrity avoid the classic scenario where the development stage is delayed, delaying the QA stage, delaying the release stage. Products of companies that do not adopt code integrity are released with more bugs (due to time pressure), users report tons of bugs back to the development team, and they start working on version 1.1 shortly after releasing version 1.0, just to fix bugs that could have been avoided.

Shift-left testing is a method to perform related testing during the initial processes of software development, since the QA department cannot measure the code's integrity even after all their tests are run. Shift-left testing and code integrity are tightly connected but integrity consists not only of the testing part of the job which is a sub-task of the larger process of shift-left code integrity. This process not only applies more unit tests along with higher code coverage, but also involves various other correctness-checking processes against relevant data.[3] Here are some examples:

Examples of correctness-checking completeness metrics:
Advantages of shift-left code integrity

Shift-left code integrity enablement

This concept is based on the fact that developers would be able to make full use of the technological advantage if they have the relevant testing tools available to them from the start. As newer software become more and more complex and includes more dependencies, including the right side of the V-model in developers' roles will help them to assume control of the unit testing & integration processes.[4] [5] The result will allow developers to bring up complete environments in many software companies. This trend is expected to continue because in many cases it is impossible to perform unit/integration testing without the full system's context.[6]

Notes and References

  1. A Survey on Machine Learning Techniques for Source Code Analysis . 2110.09610 . Sharma . Tushar . Kechagia . Maria . Georgiou . Stefanos . Tiwari . Rohit . Vats . Indira . Moazen . Hadi . Sarro . Federica . 2021 . cs.SE .
  2. Book: How Effective Are Code Coverage Criteria? . 10.1109/QRS.2015.30 . https://ieeexplore.ieee.org/document/7272926 . 15 March 2023 . 2015 IEEE International Conference on Software Quality, Reliability and Security . 2015 . Hemmati . Hadi . 151–156 . 978-1-4673-7989-2 . 7305779 .
  3. Book: High Level Test Driven Development – Shift Left . 10.1007/978-3-319-18612-2_23 . https://link.springer.com/chapter/10.1007/978-3-319-18612-2_23 . 15 March 2023 . Agile Processes in Software Engineering and Extreme Programming . Lecture Notes in Business Information Processing . 2015 . Bjerke-Gulstuen . Kristian . Larsen . Emil Wiik . Stålhane . Tor . Dingsøyr . Torgeir . 212 . 239–247 . 978-3-319-18611-5 .
  4. Web site: Gadi Zimerman . Tests are not enough – Why code integrity matters? . 16 March 2023 . 11 November 2022.
  5. Rook, Paul, E. Rook . Controlling software projects . Software Engineering Journal . 1986 . 1 . 1 . 7–16 . 10.1049/sej.1986.0003 . 15 March 2023.
  6. Book: Effect of Using Continuous Integration (CI) and Continuous Delivery (CD) Deployment in DevOps to reduce the Gap between Developer and Operation . 10.1109/ACIT57182.2022.9994139 . https://ieeexplore.ieee.org/document/9994139 . 15 March 2023 . 2022 International Arab Conference on Information Technology (ACIT) . 2022 . Mowad . Abrar Mohammad . Fawareh . Hamed . Hassan . Mohammad A. . 1–8 . 979-8-3503-2024-4 . 255419041 .