Skip to main content

Keep low McCabe ciclomatic complexity


The source code must contain functions, methods or fragments of code with a ciclomatic complexity (McCabe) lower than 20.


The use of McCabe ciclomatic complexity help to measure how complex a source code is regardless of the programming language. This software metric is based on graph theory. When the code has a high level of complexity, it will be harder to analyze, understand and maintain, therefore, the time and effort needed to find and fix vulnerabilities will increase substantially.