Some SonarQube issues have a significant but small effect on faults and changes. A large-scale empirical study

Valentina Lenarduzzi, Nyyti Saarimäki, Davide Taibi

Research output: Contribution to journalArticleScientificpeer-review

3 Citations (Scopus)
22 Downloads (Pure)

Abstract

Context: Companies frequently invest effort to remove technical issues believed to impact software qualities, such as removing anti-patterns or coding styles violations. Objective: We aim to analyze the diffuseness of SonarQube issues in software systems and to assess their impact on code changes and fault-proneness, considering also their different types and severities. Methods: We conducted a case study among 33 Java projects from the Apache Software Foundation repository. Results: We analyzed 726 commits containing 27K faults and 12M changes in Java files. The projects violated 173 SonarQube rules generating more than 95K SonarQube issues in more than 200K classes. Classes not affected by SonarQube issues are less change-prone than affected ones, but the difference between the groups is small. Non-affected classes are slightly more change-prone than classes affected by SonarQube issues of type Code Smell or Security Vulnerability. As for fault-proneness, there is no difference between non-affected and affected classes. Moreover, we found incongruities in the type and severity assigned by SonarQube. Conclusion: Our result can be useful for practitioners to understand which SonarQube issues should be refactored and for researchers to bridge the missing gaps. Moreover, results can also support companies and tool vendors in identifying SonarQube issues as accurately as possible.

Original languageEnglish
Article number110750
Number of pages15
JournalJournal of Systems and Software
Volume170
DOIs
Publication statusPublished - Dec 2020
Publication typeA1 Journal article-refereed

Keywords

  • Change-proneness
  • Empirical study
  • Fault-proneness
  • SonarQube

Publication forum classification

  • Publication forum level 3

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Hardware and Architecture

Fingerprint

Dive into the research topics of 'Some SonarQube issues have a significant but small effect on faults and changes. A large-scale empirical study'. Together they form a unique fingerprint.

Cite this