Removing Noise from Your Rulesets with providedBy

This article describes a new feature that will change your rating if you are using Squore's default analysis model (Software Analytics).

While we normally guarantee that patch releases will not contain changes that impact your rating, we believe that this is an important change that brings clarity to your analysis results and we are introducing it before our next major release.

We are also adding a setting to keep using the old behaviour. Make sure you read the article and apply the setting before upgrading if you do not want to be impacted by the change.

What we are Improving

When reviewing your findings you may notice that All Rules filter displays rules that do not necessarily apply to the context of your project:

  • Unwanted artefact types

Up to Squore 17.0.8/17.1.3, the list of rules included all the rules from the model.

This has already been fixed to display only the rules enabled in the project for the types of artefacts that exist in the project.

As a result, you will no longer see Javascript-only rules in your C or C++ projects. This change did not have an impact on the rating of the project itself.

  • The list contains rules specific to data providers that you do not use in your analysis.

Even if your project does not use Klocwork, the Klocwork rules are still enabled and taken into account when computing your Rule Compliance KPI.

This is the behavior that we are changing by default starting from 17.0.9/17.1.4

How this Affects the Rating

The following is a comparison the same analysis of python code with Software Analytics in Squore 17.0.8 and 17.0.9:

Screenshot 1: Version 17.0.8

Screenshot 2: Version 17.0.9

The difference in Rule Compliance can be explained by looking at the number of Coding Standards (591 vs 19). Your compliance ratio will decrease, even though you made no changes to your code. It is a more accurate representation of rule compliance for the source code you analysed.

What We Changed

All standardised rulesets for default data providers (those in <SQUORE_HOME>/configuration/models/shared/data_provider) come with a new providedBy attribute that indicates that the rules only apply if the data provider was run during the analysis:

<Package providedBy="Findbugs;Findbugs_auto">

<Measure measureId="AT_OPERATION_SEQUENCE_ON_CONCURRENT_ABSTRACTION" type="RULE" toolName="Findbugs" categories="..." families="..." targetArtefactTypes="JAVA" />



By specifying providedBy="Findbugs;Findbugs_auto", we have instructed Squore to count this rule as a coding standard only if the analysis used Findbugs or Findbugs_auto. All rules in this package are ignored when this is not the case.

Internally, this means that all queries reporting a rule count (COUNT RULE(<scope>) FROM ... WHERE ...) in your model ignore rules inside a package provided by a data provider that was not part of the analysis.

Can I also Ignore my Own Data Providers?


Just wrap your rules in packages and add a providedBy attribute containing the name or names of the Data Providers checking the rules.

The value of providedBy is the name of the configuration folder of your Data Provider (<CONFIGURATION>/tools/MyDataProvider/form.xml ==> providedBy="MyDataProvider").

Reload your configuration and run a new analysis (does Apply Changes work?) to see updated results.

What if I Don't Want to be Impacted?

That's easy too!

We added a configuration key for properties.xml so you can keep using the legacy behaviour. Your rules compliance KPI will be less precise, but at least it will not change.

Note that this is an application-wide setting, it cannot be turned on and off for each project.

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<Bundle version="1.2">
    <!-- Configuration options -->
    <option name="configuration.models.useProvidedBy" value="false"/>

Setting configuration.models.useProvidedBy to false uses the old behaviour (noisy rulesets).

Setting configuration.models.useProvidedBy to true uses the new behaviour (tidy rulesets and a modified Rule Compliance rating for your project).

If your properties.xml does not contain this key, it defaults to true, which impacts your rating.

Further Reading

Here are some links to our documentation of the concepts mentioned in this article:

Article ID: 1319
Last updated: 2019-04-15
Revision: 2
Squore -> Data Analysis -> Removing Noise from Your Rulesets with providedBy