CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use
← Back to glossary

Cyclomatic Complexity

quality Intermediate

Also Known As

CC McCabe complexity decision complexity

TL;DR

A count of linearly independent paths through a function — each if, for, while, case, and && adds 1.

Explanation

Defined by Thomas McCabe in 1976, cyclomatic complexity measures the number of independent paths through a piece of code. Each decision point (if, elseif, for, while, foreach, case, catch, ||, &&, ?:) adds 1 to the base score of 1. A score of 1–5 is simple, 6–10 is moderate, 11–20 is complex, 20+ is very high risk. High cyclomatic complexity correlates with higher defect density and lower testability — you need at least one test per path to achieve full branch coverage.

Common Misconception

Cyclomatic complexity below 10 means a function is simple enough. The threshold is a guideline, not a guarantee — a function with 8 branches acting on global state can be far harder to understand than one with 15 well-named branches on a simple data structure.

Why It Matters

Cyclomatic complexity counts independent execution paths — a score above 10 predicts defect density and indicates a function that is hard to fully test and reason about.

Common Mistakes

  • Not measuring cyclomatic complexity as part of CI — it only gets addressed when someone notices, not systematically.
  • Reducing complexity by extracting private methods but keeping the same logic — the extracted methods just shift the score.
  • Targeting zero complexity — some decision logic is inherently complex; the goal is appropriate decomposition.
  • Confusing cyclomatic complexity with cognitive complexity — cyclomatic counts branches, cognitive accounts for nesting depth.

Code Examples

💡 Note
Every branch adds 1 to CC. Aim for CC ≤ 10 per method; above 15 is a strong refactor signal.
✗ Vulnerable 
// CC = 8 (one path per branch)
function classify(int $score): string {
    if ($score >= 90) {
        return 'A';
    } elseif ($score >= 80) {
        return 'B';
    } elseif ($score >= 70) {
        return 'C';
    } elseif ($score >= 60) {
        return 'D';
    } else {
        return 'F';
    }
}
✓ Fixed 
// CC = 2 — data-driven, trivially testable
function classify(int $score): string {
    return match(true) {
        $score >= 90 => 'A',
        $score >= 80 => 'B',
        $score >= 70 => 'C',
        $score >= 60 => 'D',
        default      => 'F',
    };
}
Added 15 Mar 2026
Edited 22 Mar 2026
Views 36

Curated in Warsaw under one editorial standard. 1,444 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
0 pings W 0 pings T 0 pings F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 0 pings F 0 pings S 0 pings S 2 pings M 1 ping T 2 pings W 2 pings T 1 ping F 0 pings S 0 pings S 0 pings M 1 ping T 0 pings W 0 pings T 2 pings F 0 pings S 0 pings S 1 ping M 0 pings T 0 pings W 0 pings T
Agents 0
No pings yet today
No pings yesterday
Perplexity 11 Amazonbot 8 Ahrefs 7 Google 3 Unknown AI 2 SEMrush 2 ChatGPT 2
Also referenced
Cognitive Complexity 39 Halstead Maintainability Index 35
How they use it
crawler 32 crawler_json 3
Related categories
quality 2.7k
DEV INTEL Tools & Severity
🟡 Medium ⚙ Fix effort: Medium
⚡ Quick Fix
Functions with cyclomatic complexity >10 are hard to test — each decision point requires another test case; extract decisions into separate methods
📦 Applies To
any web cli queue-worker
🔗 Prerequisites
🔍 Detection Hints
Function with 10+ if/else/switch/loop/catch branches; phpmd reports CC >10; 10+ test cases needed for single function
Auto-detectable: ✓ Yes phpmd phpcs phpmetrics phploc
⚠ Related Problems
🤖 AI Agent
Confidence: High False Positives: Low ✗ Manual fix Fix: Medium Context: Function Tests: Update
✓ schema.org compliant