Overview | ||
|---|---|---|
Definition (Hover Text) | Measures the evolution of effort required to fix all Vulnerabilities detected with Sonar in the code. | |
Source Tools | SonarQube, Sonar Cloud | |
Graph type | Line | |
Filters | Sonar Projects | |
Hover Format on KPIDate Range:<<Months>> | Effort change - << %> | |
Fields on Overlay | Project Job Name Code Quality Month | |
Business Logic | ||
Calculation Formula | It For each KPI a ratio is directly calculated in Sonarqube. Sonar Code Quality is graded based on the static and dynamic code analysis procedure built in Sonarqube that analyses code from multiple perspectives. | |
Trend |
| |
Maturity Levels | << To be filled>> M1: E M2: D M3: C , M4: B, M5: A | |
calculated which considers
Then for each time duration - Effort change is calculated based on the Ratio at the End of the interval and at the Beginning of the interval RATIO - RemediationEffortChange = Sec%|TimeIntervalEnd/ Sec%|TimeIntervalStart | ||
Trend | Trend is downwards with increase in percentage | |
Maturity Levels | M1: > 120% M2: 100-120% M3: 50-100% M4: 0-50% M5: Zero | |
Instance level thresholds | 50% | |
Configurations | ||
Processor Fields | KPI Specific fields | <<Field>>NA |
Mandatory fields | Time (min) required to write 1 Line of code (LOC) | |
How to Validate KPI | ||
Suggested ways of working | ||
Sample JQLs | ||
Benefits of KPI | ||
How does the KPI help | The Sonar Security KPI helps teams improve the security of their code by identifying and tracking security vulnerabilities and weaknesses. It enables teams to prioritize areas for improvement, reduce the risk of security breaches, and enhance overall code quality. By addressing security issues, teams can protect sensitive data, mitigate risks, and increase customer trust. | |
Page Comparison
General
Content
Integrations