Improving Complexity Analysis
with Radon

scope: gitlab-duo type: developer-guide tool: radon >= 5.0

sec:overview

When GitLab Duo runs static complexity analysis on your merge request, it measures cyclomatic complexity for every function you touched or added. This helps catch overly complex code before it gets merged.

There are two ways the analysis can run:

Method	Accuracy	How it works
Tool-based (radon)	Precise	Runs radon directly on source files
LLM-approximated	Estimated	AI reads code, counts decision points

If you saw an info box in the MR comment about improving accuracy, read on.

sec:mr-linked

If a merge request was linked

The analysis agent detected that your project can support radon but doesn't have it installed yet. It created a merge request that adds (or updates) your .gitlab/duo/agent-config.yml file to include pip install radon in the setup step.

Review and merge that MR. The next time the complexity analysis runs, it will use radon for precise scores instead of LLM approximation.

The MR adds a configuration like this:

version: 1
base_image: python:3.12-slim
setup:
  - pip install radon

If your project already had an agent-config.yml, the MR modifies it to add radon to the existing setup steps.

sec:no-mr

If no merge request was linked

The analysis agent found an existing .gitlab/duo/agent-config.yml in your repository but could not safely modify it. This typically happens when:

The base_image is not Python-compatible (e.g., node:20, ruby:3.2, golang:1.22)
The setup steps use a package manager other than pip
The config structure is unusual or the agent wasn't confident it could merge correctly

Add radon to your config manually. The exact steps depend on your base image.

Python base image

If your base_image is any Python variant (python:*, debian:*, ubuntu:*), add to your setup:

setup:
  - pip install radon    # Add this line
  - # ... your existing setup steps

Node.js base image

If your base image is Node-based, you'll need Python available:

setup:
  - apt-get update && apt-get install -y python3 python3-pip
  - pip3 install radon
  - # ... your existing setup steps

Other base images

For Alpine, Ruby, Go, or other images, ensure Python 3 and pip are available, then pip install radon.

sec:config

What is `.gitlab/duo/agent-config.yml`?

This file configures the execution environment for GitLab Duo agent workflows. It specifies:

base_image — The Docker image used as the runtime environment
setup — Shell commands that run before any agent workflow starts

When this file exists and includes radon, the complexity analysis agent can call radon cc directly on your source files for exact cyclomatic complexity scores. Without it, the agent falls back to LLM-based estimation, which is less precise.

sec:cyclomatic-complexity

What is cyclomatic complexity?

Cyclomatic complexity (CC) measures the number of independent paths through a function. It counts decision points like if, for, while, case, catch, &&, ||, and ternary operators.

CC Score	Rank	Risk Level
1–5	A	Simple, low risk
6–10	B	Moderate, well-structured
11–15	C	More complex, consider refactoring
16–20	D	Complex, should refactor
21–25	E	Very complex, high risk
26+	F	Untestable, must refactor

Functions with CC above 10 are harder to test and more likely to contain bugs. The analysis highlights these so you can address them during code review.

Improving Complexity Analysiswith Radon