Hi all,
I've been recently asked to analyze a project and identify 20 classes that are highest at risk based on the design metrics.
I've began analyzing the project and i've decided to pick out the classes with the highest maximum Complexity. Should i be looking at anything else besides max complexity. i.e. number of calls, statements, classes, methods/classes,max depth etc.. Am i headed in the right direction? if not what else should i be looking at?
Thanks in advance.
I would primarily look at max complexity, max depth and number of statement. This three metrics will detect really badly written methods (long, deeply nested and with lots of decisions and dependencies).
Sort SourceMonitor reports on each of those three metrics and write down top 20-30 classes, then pick those highly ranked in all three lists.
This is a good place to start, but I would say the risk is also coupled with the amount of code that contains unit tests.
For example, a function with cyc. complexity of 20 that has 100% unit test code coverage is safer than a function with cyc. complexity of 10 with no unit tests.