The Clayton score considers the number of issues detected, their severity, and density in the codebase.

The score is calculated as an aggregation of two parts:

  • The estimated time (h) required to fix all the outstanding issues, taking into account their severity

  • And the defect density expressed with the number of open issues for every line of code

The score is computed for every active policy (e.g. Security) and overall and indicates the compliance level of the code analysed:

  • 0: low compliance, problems are very frequent, and their impact is severe

  • 100: full compliance, no problems detected

Did this answer your question?