Cyclomatic Complexity and Code Coverage

Industry experience suggests that the design of metrics will encourage certain kinds of behaviour from the people being measured. The common phrase applied is “you get what you measure” (or “be careful what you wish for”).

A Brief Explanation of Cyclomatic Complexity and Code Coverage

Cyclomatic complexity is a measure of the number of possible paths through a piece of code. This is a relatively easy measurement to make, and code analysis tools can give you this figure directly. As cyclomatic complexity is directly analogous to the number of paths through the code, it is also a direct count of the number of unit tests required as a minimum to test all the code paths.

• A cyclomatic complexity of 1–10 is a simple piece of code that is easily maintainable.
• A cyclomatic complexity of 11–20 is a moderately complex piece of code, that is relatively easy to maintain.
• A cyclomatic complexity of 21–50 would indicate either a highly complex or high risk piece of code. The functionality of the code observed indicates it is in no way complex, and therefore it must fall into the high risk category.
• A cyclomatic complexity of 51 and above indicates un-testable code, and a very high risk to the project.

Code coverage measures the number of paths through your code that had at least one execution when unit tests were run. It does not however give any real quality measure against the value of those tests, or the actual quality of those tests.

It is actually easier to get better coverage results from writing poor code. The poorer the quality of your code and of your tests, the easier it is to achieve high coverage figures.

This is a repost of an article from a decade ago, some parts may appear slightly out of date, there are some minor edits, but most of the principles still have relevance today