Start FreeLog in
SonarCloud | Appendices | Glossary

Glossary

ConceptDefinition
BugAn issue that represents something wrong in the code. If this has not broken yet, it will, and probably at the worst possible moment. This needs to be fixed. Yesterday.
Code SmellA maintainability-related issue in the code. Leaving it as-is means that, at best, the person maintaining the code will have a harder time than they should when making changes. At worst, they'll be so confused by the state of the code that they'll introduce additional errors as they make changes.
CostSee Remediation Cost.
DebtSee Technical Debt.
IssueWhen a piece of code does not comply with a rule, an issue is logged on the snapshot. An issue can be logged on a source file or a unit test file. There are 3 types of issues: bugscode smells, and vulnerabilities.
Lines of Code (LOC)This refers to the number of physical lines that contain at least one character which is neither a whitespace nor a tabulation nor part of a comment. LOCs are calculated by adding up the LOCs for each project analyzed. See LOC-based pricing in Subscription plans.
MeasureThe value of a metric for a given file or project at a given time. For example, 125 lines of code on class MyClass or the density of duplicated lines of 30.5% on project myProject
MetricA type of measurement. Metrics can have varying values, or measures, over time. Examples: number of lines of code, complexity, etc. A metric may be either qualitative (gives a quality indication on the component, E.G. density of duplicated lines, line coverage by tests, etc.) or quantitative (does not give a quality indication on the component, for example, number of lines of code, complexity, etc.)
New Code PeriodThe period for which you're keeping a close watch on the introduction of new problems in the code. Ideally, this is since the previous_version, but if you don't use a Maven-like versioning scheme you may need to set a relatively arbitrary time period such as 21 days or since a specific date.
Quality ProfileA set of rules. Each snapshot is based on a single quality profile. See also the Managing quality profiles documentation.
RuleA coding standard or practice which should be followed. Not complying with coding rules leads to bugsvulnerabilities, security hotspots, and code smells. Rules can check the quality of code files or unit tests.
Remediation CostThe estimated time required to fix vulnerability and reliability Issues.
SnapshotA set of measures and issues on a given project at a given time. A snapshot is generated for each analysis.
Security HotspotA security-sensitive section of code that needs to be manually reviewed. Upon review, you will find either that there is no threat or that there is vulnerable code that needs to be fixed.
Technical DebtThe estimated time required to fix all maintainability issues / code smells.
VulnerabilityA security-related issue that represents a backdoor for attackers. See also Security-related rules.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License