CodeScene

CodeScene is a software engineering intelligence platform that combines code quality metrics with behavioral code analysis. It provides visualizations based on version control data and machine learning algorithms that identify social patterns and hidden risks in source code.^[1]

CodeScene

Developer(s)	CodeScene AB
Initial release	2016
Stable release	6.8 / 2024
Operating system	Linux, macOS, Windows
Platform	Java
Available in	English
Type	Behavioral program analysis
License	Proprietary
Website	CodeScene

CodeScene offers several features that support software maintainability and evolution within large-scale software development environments. The platform delivers several actionable performance indicators that assist software organizations in identifying risks and bottlenecks. CodeScene’s research team employs an evidence-based approach to validate how these indicators are associated with business-critical variables such as development velocity and defect density.

The platform uses its Code Health metric to evaluate the maintainability of source code. Another significant feature is the concept of hotspots which are areas of code that are frequently modified. This concept is inspired by geographic profiling a technique used in criminal investigations, which is reflected in the naming of CodeScene.

By focusing on improving Code Health in hotspots, CodeScene aims to assist software development organizations in prioritizing technical debt mitigation. This approach is intended to enhance the maintainability and quality of software projects.

History

CodeScene is based on the ideas from the book Your Code As A Crime Scene: Use Forensic Techniques to Arrest Defects, Bottlenecks, and Bad Design in Your Programs^[2] by CodeScene's founder Adam Tornhill.

The first version of CodeScene was released in 2016,^[3] and the current version is 6.8 which comes with auto-generated PDF reports, architectural code health metrics, quality gates for build pipelines, and can put costs on hotspots.^[4]

In January of 2021, CodeScene raised kr 30,000,000 from Inventure and Luminar to expand its business.^[5] In August of 2023, CodeScene also raised €7.5 Million in a financing round led by Neqst.^{[6] [7]}

Overview

CodeScene measures code quality using its Code Health metric. Code Health focuses on how cognitively difficult it is for human developers to comprehend a piece of source code. The metric aligns with the mindset that the best strategy for gauging code quality is to aggregate a set of specific complexity attributes.^[8] CodeScene parses source code to identify the presence of established code smells, e.g., ‘’God Class’’, ‘’God Methods’’, and ‘’Duplicated Code’’. The presence of code smells is combined into a numeric value between 1 and 10. The lower end represents extremely poor maintainability, and the upper end indicates top-notch code that is easy to maintain. CodeScene categorizes files into one of three sub-intervals: healthy (9 or higher), warning (between 4 and 9), and alert (lower than 4).

CodeScene includes support for the following programming languages: C, C++, C#, Java, Groovy, JavaScript, TypeScript, Objective-C, Scala, Python, Swift, Go, Kotlin, Visual Basic .Net, PHP, Perl 5, Dart, Erlang, Ruby, React, ECMAScript, Vue.js, Rational Software Architect Models, Clojure, PowerShell, TCL, Apex, Elixir, Rust and BrightScript.^[9]

The Software as a service version of CodeScene is available for free for open source projects.^[10] CodeScene is also available in an on-premise version that includes more advanced features like continuous integration support, Jira integration for cost calculations, and on- and off-boarding simulations.

Scientific research and impact

CodeScene is grounded in empirical software engineering research. The company is an active contributor to the academic community through its publication of research articles, organization of academic events, and participation in peer-review service. Examples of large research collaborations supported by publicly funded projects include the European Eureka ITEA3 TESTOMAT project, the Vinnova-backed competence center NextG2Com, and the SESAM project funded by the Swedish Knowledge Foundation.

The majority of academic research concerning CodeScene has concentrated on the validation of its Code Health metric. This metric has been extensively studied to assess its efficacy in identifying software maintainability issues. The research mission at CodeScene aims to frame source code quality as a business concern, not just a technical aspect. The primary research method used by CodeScene is mining software repositories using anonymous log files from static program analysis of proprietary projects. This approach contrasts with the majority of software engineering mining studies, which typically rely on open-source software repositories.

Example findings from empirical studies of CodeScene include:

• Significant differences exist between files with low and high Code Health. Files with alert-level Code Health contain 15 times more defects than healthy files. Moreover, resolving issues in alert-level code requires, on average, 124% more development time, and issue resolutions in such code are plagued by uncertainty as they involve nine times longer maximum cycle times.^[11]
• A software development organization's value creation varies across the Code Health spectrum, with strong nonlinearities at the extremes of the spectrum. This study, which received the best paper award at the International Conference on Technical Debt in 2024, indicates that the return on investment for code refactoring is amplified in the upper end of Code Health.^[12]
• Project newcomers are particularly challenged when working with alert-level source code, requiring 45% more time for small changes and 93% more time for large changes in low-quality source code. This finding highlights the additional challenges faced by newly onboarded developers in environments burdened by technical debt.^[13]
• There is a strong correlation between Code Health and the total number of security vulnerabilities. This study was conducted by independent researchers based in Egypt.^[14]

Reception

CodeScene was featured on the ThoughtWorks Technology Radar^[15] as a social code analysis tool.

CodeScene users report that CodeScene is "The right way to manage technical debt", "A new standard for quality assurance", and provides "Insights like never seen before".^[16]

CodeScene's free version is used to visualize the case studies in Adam Tornhill's book Software Design X-Rays: Fix Technical Debt with Behavioral Code Analysis.^[17]