Code integrity: Difference between revisions

'''Code integrity''' is a measurement used in the software delivery lifecycle. It measures how high the [[source code]]'s quality is when it is passed on to [[Quality assurance|QA]], and is affected by how thoroughly the code was processed by correctness-checking processes (whether manual or automatic). Examples for such correctness-checking processes can be [[unit tests|unit testing]] and [[integration test]]ing, code review, test automation, AI-based code analysis etc.<ref>{{cite webarXiv |title=A Survey on Machine Learning Techniques for Source Code Analysis |urleprint=https://arxiv.org/abs/2110.09610 |access-datelast1=15Sharma March|first1=Tushar |last2=Kechagia |first2=Maria |last3=Georgiou |first3=Stefanos |last4=Tiwari |first4=Rohit |last5=Vats |first5=Indira |last6=Moazen |first6=Hadi |last7=Sarro |first7=Federica |year=2021 |class=cs.SE 2023}}</ref> Code integrity is the combination of applying code correctness processes (software quality) along with metrics that measure the completeness of these correctness-checking processes, such as, for example, code coverage. While code integrity is usually achieved by unit testing the source code to reach high code coverage, it is definitely not the only way, or the best way, to achieve code integrity. In fact, code coverage, a popular metric to measure the thoroughness of unit tests, is known to have a limited correlation with the measure of real code integrity.<ref>{{cite webbook |titlechapter=How Effective Are Code Coverage Criteria? |urldoi=https:/10.1109/ieeexploreQRS.ieee2015.org/abstract/document/727292630 |access-datetitle=152015 MarchIEEE International Conference on Software Quality, Reliability and Security |year=2015 |last1=Hemmati |first1=Hadi |pages=151–156 |isbn=978-1-4673-7989-2 |s2cid=7305779 2023}}</ref>

Code integrity is not just about the correctness of the code, but also about developers’ confidence regarding correctness of their code. With code integrity, the developer can be sure that his/hertheir code is written correctly when passed on to QA. This is, in fact, the expected quality level of the code. Code integrity helps developers and companies release better products, with fewer bugs, in a shorter time.<ref name="wim" />

Companies whothat practice code integrity avoid the classic scenario where the development stage is delayed, delaying the QA stage, delaying the release stage. Products of companies that do not adopt code integrity are released with more bugs (due to time pressure), users report tons of bugs back to the development team, and they start working on version 1.1 shortly after releasing version 1.0, just to fix bugs that could have been avoided.{{cncitation needed|date=March 2023}}

Shift-left testing is a method to perform related testing during the initial processes of software development, since the QA department cannot measure the code's integrity even after all their tests are run. Shift-left testing and code integrity are tightly connected but integrity consists not only of the testing part of the job which is a sub-task of the larger process of shift-left code integrity. This process not only applies more unit tests along with higher code coverage, but also involves various other correctness-checking processes against relevant data.<ref>{{cite webbook |titlechapter=High Level Test Driven Development – Shift Left |doi=10.1007/978-3-319-18612-2_23 |chapter-url=https://link.springer.com/chapter/10.1007/978-3-319-18612-2_23 |access-date=15 March 2023 |title=Agile Processes in Software Engineering and Extreme Programming |series=Lecture Notes in Business Information Processing |year=2015 |last1=Bjerke-Gulstuen |first1=Kristian |last2=Larsen |first2=Emil Wiik |last3=Stålhane |first3=Tor |last4=Dingsøyr |first4=Torgeir |volume=212 |pages=239–247 |isbn=978-3-319-18611-5 }}</ref> Here are some examples:{{cn|date=October 2024}}

* Pure code integrity metric formulation is: 1 − (Non-covered bugs) / (Total bugs), In words: the perfect code integrity minus the number of bugs that weren’tweren't covered by unit testing, divided by the total bugs found during the entire product cycle including development, is the code not in integrity.

* Different types of code coverage (line-coverage, branch-coverage etc.)

This concept is based on the fact that developers would be able to make full use of the technological advantage if they have the relevant testing tools available to them from the start. As newer software become more and more complex and includes more dependencies, including the right side of the [[V-model]] in developers' roles will help them to assume control of the unit testing & integration processes.<ref name="wim">{{cite web |author1=Gadi Zimerman |title=Tests are not enough – Why code integrity matters? |url=https://www.codiumqodo.ai/blog/tests-are-not-enough-why-code-integrity-matters |access-date=16 March 2023 |date=11 November 2022}}</ref><ref>{{cite journal |author1=Rook, Paul, E. Rook |title=Controlling software projects |journal=IEEE Software Engineering Journal |date=1986 |volume=1 |issue=1 |pagepages=7-167–16 |doi=10.1049/sej.1986.0003 |url=https://digital-library.theiet.org/content/journals/10.1049/sej.1986.0003 |access-date=15 March 2023|url-access=subscription }}</ref> The result will allow developers to bring up complete environments in many software companies. This trend is expected to continue because in many cases it is impossible to perform unit/integration testing without the full system’ssystem's context.<ref>{{cite webbook |titlechapter=Effect of Using Continuous Integration (CI) and Continuous Delivery (CD) Deployment in DevOps to reduce the Gap between Developer and Operation |urldoi=https:/10.1109/ieeexploreACIT57182.ieee2022.org/abstract/document/9994139 |access-datetitle=152022 MarchInternational Arab Conference on Information Technology (ACIT) |year=2022 |last1=Mowad |first1=Abrar Mohammad |last2=Fawareh |first2=Hamed |last3=Hassan |first3=Mohammad A. |pages=1–8 |isbn=979-8-3503-2024-4 |s2cid=255419041 2023}}</ref>