1. Technical Field
The embodiments herein generally relate to a method of identifying a high risk area of a source code. The embodiments herein particularly relate to a system and method of identifying a high risk area of a source code by observing various attributes and performing appropriate actions. The embodiments herein more particularly relate to a system and method for identifying, analyzing and integrating risks associated with source code.
2. Description of the Related Art
One of the components to identify risk associated with a source code is a code coverage tool through which data related to code coverage such as the part of JAVA code covered in testing is identified to determine the complexity of JAVA code.
In addition to basic code coverage, there can be additional metrics like delta code coverage which means that with this option, code coverage of only those lines in files which are changed after specific time can be identified. This option helps to make more meaningful decisions such as determining if there are some lines which have never been changed in last one year, and subsequently determining that the code coverage of those files is relatively less important when compared to code coverage of those lines which have been changed recently.
In code coverage techniques, merge code coverage results are merged to get combined code coverage result which helps in a situation like in one testing cycle, there is a possibility that whole testing is not completed, so it is possible that some code is tested on “Deployment run 1” and some other code is tested on “Deployment run 2”. “Deployment run 2” may cover some already tested code of “Deployment run 1” and as well as it may cover some new code. With code coverage merge tool we can merge different code coverage results to get combined code coverage result.
Code coverage tools like Cobertura help get data including the part of JAVA code which is covered during testing and the complexity thereof. Later, this data can be analyzed to find out the classes which are highly complex and have a low coverage, so that those JAVA class files can be categorized as belonging to a high risk area. But only code coverage data is not sufficient to take an appropriate judgment/decision about defining a risk area for a source code. Other factors such as code commit information and source code file type information also need to be considered.
Hence there is a need for a system and method for identifying and analyzing the risks associated with a source code. There is also a need for a system and method that identifies a high risk area of a source code by observing various attributes and taking appropriate actions. Further, there is also felt a need for a system and method that provides for publishing the various attributes for the purpose of analysis of high risk areas of a source code.
The abovementioned shortcomings, disadvantages and problems are addressed herein and they would be understood by reading the following specification.