From 5b55beb1797b09864038ccfd3ce788dcf8434cf0 Mon Sep 17 00:00:00 2001
From: lukasz-jarocki-sonarsource <lukasz.jarocki@sonarsource.com>
Date: Tue, 23 Jan 2024 16:14:03 +0100
Subject: [PATCH] SONAR-21455 Compute software quality measures for overall
 code

---
 gradle.properties                             |  2 +-
 .../projectanalysis/issue/IssueCounter.java   | 68 ++++++++++++++-
 .../issue/IssueCounterTest.java               | 86 ++++++++++++++++---
 .../server/measure/ws/ComponentActionIT.java  | 34 +++++++-
 .../server/measure/ws/ComponentAction.java    |  1 +
 .../measure/ws/ComponentTreeAction.java       |  1 +
 .../sonar/server/measure/ws/SearchAction.java |  4 +-
 .../resources/org/sonar/l10n/core.properties  |  6 ++
 8 files changed, 185 insertions(+), 17 deletions(-)

diff --git a/gradle.properties b/gradle.properties
index cfd534f9943..a866f11c959 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,6 +1,6 @@
 group=org.sonarsource.sonarqube
 version=10.4
-pluginApiVersion=10.5.0.2090
+pluginApiVersion=10.6.0.2104
 description=Open source platform for continuous inspection of code quality
 projectTitle=SonarQube
 org.gradle.jvmargs=-Xmx2048m
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
index 5646cfce36a..3d8502d2f6b 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
@@ -23,11 +23,13 @@ import com.google.common.collect.EnumMultiset;
 import com.google.common.collect.HashMultiset;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.Multiset;
+import com.google.gson.Gson;
 import java.util.HashMap;
 import java.util.Map;
 import javax.annotation.Nullable;
 import org.sonar.api.issue.IssueStatus;
 import org.sonar.api.issue.impact.Severity;
+import org.sonar.api.issue.impact.SoftwareQuality;
 import org.sonar.api.rules.RuleType;
 import org.sonar.ce.task.projectanalysis.component.Component;
 import org.sonar.ce.task.projectanalysis.measure.Measure;
@@ -48,6 +50,7 @@ import static org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.FALSE_POSITIVE_ISSUES_KEY;
 import static org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES_KEY;
 import static org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS_KEY;
+import static org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES_KEY;
@@ -62,8 +65,10 @@ import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY;
 import static org.sonar.api.measures.CoreMetrics.NEW_VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES_KEY;
 import static org.sonar.api.measures.CoreMetrics.OPEN_ISSUES_KEY;
+import static org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES_KEY;
 import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_KEY;
+import static org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.VULNERABILITIES_KEY;
 import static org.sonar.api.rule.Severity.BLOCKER;
@@ -83,6 +88,7 @@ import static org.sonar.api.rules.RuleType.VULNERABILITY;
  * <li>issues per resolution (unresolved, false-positives, won't fix)</li>
  * <li>issues per severity (from info to blocker)</li>
  * <li>issues per type (code smell, bug, vulnerability, security hotspots)</li>
+ * <li>issues per impact</li>
  * </ul>
  * For each value, the variation on configured periods is also computed.
  */
@@ -102,6 +108,11 @@ public class IssueCounter extends IssueVisitor {
     MINOR, NEW_MINOR_VIOLATIONS_KEY,
     INFO, NEW_INFO_VIOLATIONS_KEY);
 
+  static final Map<String, String> IMPACT_TO_METRIC_KEY = Map.of(
+    SoftwareQuality.SECURITY.name(), SECURITY_ISSUES.key(),
+    SoftwareQuality.RELIABILITY.name(), RELIABILITY_ISSUES.key(),
+    SoftwareQuality.MAINTAINABILITY.name(), MAINTAINABILITY_ISSUES.key());
+
   private static final Map<RuleType, String> TYPE_TO_METRIC_KEY = ImmutableMap.<RuleType, String>builder()
     .put(CODE_SMELL, CODE_SMELLS_KEY)
     .put(BUG, BUGS_KEY)
@@ -115,6 +126,8 @@ public class IssueCounter extends IssueVisitor {
     .put(SECURITY_HOTSPOT, NEW_SECURITY_HOTSPOTS_KEY)
     .build();
 
+  private static final Gson gson = new Gson();
+
   private final MetricRepository metricRepository;
   private final MeasureRepository measureRepository;
   private final NewIssueClassifier newIssueClassifier;
@@ -153,6 +166,7 @@ public class IssueCounter extends IssueVisitor {
     addMeasuresBySeverity(component);
     addMeasuresByStatus(component);
     addMeasuresByType(component);
+    addMeasuresByImpact(component);
     addNewMeasures(component);
     currentCounters = null;
   }
@@ -175,6 +189,13 @@ public class IssueCounter extends IssueVisitor {
     addMeasure(component, HIGH_IMPACT_ACCEPTED_ISSUES_KEY, currentCounters.counter().highImpactAccepted);
   }
 
+  private void addMeasuresByImpact(Component component) {
+    for (Map.Entry<String, Map<String, Long>> impactEntry : currentCounters.counter().impactsBag.entrySet()) {
+      String json = gson.toJson(impactEntry.getValue());
+      addMeasure(component, IMPACT_TO_METRIC_KEY.get(impactEntry.getKey()), json);
+    }
+  }
+
   private void addMeasuresByType(Component component) {
     for (Map.Entry<RuleType, String> entry : TYPE_TO_METRIC_KEY.entrySet()) {
       addMeasure(component, entry.getValue(), currentCounters.counter().typeBag.count(entry.getKey()));
@@ -186,6 +207,11 @@ public class IssueCounter extends IssueVisitor {
     measureRepository.add(component, metric, Measure.newMeasureBuilder().create(value));
   }
 
+  private void addMeasure(Component component, String metricKey, String data) {
+    Metric metric = metricRepository.getByKey(metricKey);
+    measureRepository.add(component, metric, Measure.newMeasureBuilder().create(data));
+  }
+
   private void addNewMeasures(Component component) {
     if (!newIssueClassifier.isEnabled()) {
       return;
@@ -218,7 +244,7 @@ public class IssueCounter extends IssueVisitor {
   }
 
   /**
-   * Count issues by status, resolutions, rules and severities
+   * Count issues by status, resolutions, rules, impacts and severities
    */
   private static class Counter {
     private int unresolved = 0;
@@ -229,8 +255,27 @@ public class IssueCounter extends IssueVisitor {
     private int accepted = 0;
     private int highImpactAccepted = 0;
     private final Multiset<String> severityBag = HashMultiset.create();
+    /**
+     * This map contains the number of issues per software quality along with their distribution based on (new) severity.
+     */
+    private final Map<String, Map<String, Long>> impactsBag = new HashMap<>();
     private final EnumMultiset<RuleType> typeBag = EnumMultiset.create(RuleType.class);
 
+    public Counter() {
+      initImpactsBag();
+    }
+
+    private void initImpactsBag() {
+      for (SoftwareQuality quality : SoftwareQuality.values()) {
+        Map<String, Long> severityMap = new HashMap<>();
+        for (Severity severity : Severity.values()) {
+          severityMap.put(severity.name(), 0L);
+        }
+        severityMap.put("total", 0L);
+        impactsBag.put(quality.name(), severityMap);
+      }
+    }
+
     void add(Counter counter) {
       unresolved += counter.unresolved;
       open += counter.open;
@@ -241,6 +286,14 @@ public class IssueCounter extends IssueVisitor {
       highImpactAccepted += counter.highImpactAccepted;
       severityBag.addAll(counter.severityBag);
       typeBag.addAll(counter.typeBag);
+
+      // Add impacts
+      for (Map.Entry<String, Map<String, Long>> impactEntry : counter.impactsBag.entrySet()) {
+        Map<String, Long> severityMap = impactsBag.get(impactEntry.getKey());
+        for (Map.Entry<String, Long> severityEntry : impactEntry.getValue().entrySet()) {
+          severityMap.compute(severityEntry.getKey(), (key, value) -> value + severityEntry.getValue());
+        }
+      }
     }
 
     void add(DefaultIssue issue) {
@@ -275,6 +328,19 @@ public class IssueCounter extends IssueVisitor {
         default:
           // Other statuses are ignored
       }
+      addIssueToImpactsBag(issue);
+    }
+
+    private void addIssueToImpactsBag(DefaultIssue issue) {
+      if (IssueStatus.OPEN == issue.issueStatus() || IssueStatus.CONFIRMED == issue.issueStatus()) {
+        for (Map.Entry<SoftwareQuality, Severity> impact : issue.impacts().entrySet()) {
+          impactsBag.compute(impact.getKey().name(), (key, value) -> {
+            value.compute(impact.getValue().name(), (severity, count) -> count == null ? 1 : count + 1);
+            value.compute("total", (total, count) -> count == null ? 1 : count + 1);
+            return value;
+          });
+        }
+      }
     }
   }
 
diff --git a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
index 09ead892565..73034bf9774 100644
--- a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
+++ b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
@@ -19,9 +19,13 @@
  */
 package org.sonar.ce.task.projectanalysis.issue;
 
+import com.google.gson.Gson;
+import java.lang.constant.Constable;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
 import javax.annotation.Nullable;
 import org.assertj.core.data.MapEntry;
 import org.junit.Rule;
@@ -32,6 +36,7 @@ import org.sonar.api.rules.RuleType;
 import org.sonar.ce.task.projectanalysis.batch.BatchReportReaderRule;
 import org.sonar.ce.task.projectanalysis.component.Component;
 import org.sonar.ce.task.projectanalysis.component.TreeRootHolderRule;
+import org.sonar.ce.task.projectanalysis.measure.Measure;
 import org.sonar.ce.task.projectanalysis.measure.MeasureRepoEntry;
 import org.sonar.ce.task.projectanalysis.measure.MeasureRepositoryRule;
 import org.sonar.ce.task.projectanalysis.metric.MetricRepositoryRule;
@@ -53,6 +58,7 @@ import static org.sonar.api.issue.Issue.STATUS_CONFIRMED;
 import static org.sonar.api.issue.Issue.STATUS_OPEN;
 import static org.sonar.api.issue.Issue.STATUS_RESOLVED;
 import static org.sonar.api.issue.impact.Severity.HIGH;
+import static org.sonar.api.issue.impact.Severity.LOW;
 import static org.sonar.api.issue.impact.Severity.MEDIUM;
 import static org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES_KEY;
@@ -71,6 +77,7 @@ import static org.sonar.api.measures.CoreMetrics.FALSE_POSITIVE_ISSUES_KEY;
 import static org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES_KEY;
 import static org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS;
+import static org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS;
 import static org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS;
@@ -96,9 +103,11 @@ import static org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES;
 import static org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES_KEY;
 import static org.sonar.api.measures.CoreMetrics.OPEN_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.OPEN_ISSUES_KEY;
+import static org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS;
 import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_KEY;
+import static org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES;
 import static org.sonar.api.measures.CoreMetrics.VIOLATIONS;
 import static org.sonar.api.measures.CoreMetrics.VIOLATIONS_KEY;
 import static org.sonar.api.measures.CoreMetrics.VULNERABILITIES;
@@ -110,6 +119,7 @@ import static org.sonar.api.rules.RuleType.BUG;
 import static org.sonar.api.rules.RuleType.CODE_SMELL;
 import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
 import static org.sonar.ce.task.projectanalysis.component.ReportComponent.builder;
+import static org.sonar.ce.task.projectanalysis.issue.IssueCounter.IMPACT_TO_METRIC_KEY;
 import static org.sonar.ce.task.projectanalysis.measure.Measure.newMeasureBuilder;
 import static org.sonar.ce.task.projectanalysis.measure.MeasureRepoEntry.entryOf;
 
@@ -154,7 +164,10 @@ public class IssueCounterTest {
     .add(NEW_VULNERABILITIES)
     .add(NEW_SECURITY_HOTSPOTS)
     .add(NEW_ACCEPTED_ISSUES)
-    .add(HIGH_IMPACT_ACCEPTED_ISSUES);
+    .add(HIGH_IMPACT_ACCEPTED_ISSUES)
+    .add(RELIABILITY_ISSUES)
+    .add(MAINTAINABILITY_ISSUES)
+    .add(SECURITY_ISSUES);
 
   @Rule
   public MeasureRepositoryRule measureRepository = MeasureRepositoryRule.create(treeRootHolder, metricRepository);
@@ -295,9 +308,9 @@ public class IssueCounterTest {
     underTest.beforeComponent(PROJECT);
     underTest.afterComponent(PROJECT);
 
-    assertValues(FILE1, entry(NEW_VIOLATIONS_KEY, 2), entry(NEW_CRITICAL_VIOLATIONS_KEY, 2), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
+    assertIntValue(FILE1, entry(NEW_VIOLATIONS_KEY, 2), entry(NEW_CRITICAL_VIOLATIONS_KEY, 2), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
       entry(NEW_CODE_SMELLS_KEY, 1), entry(NEW_BUGS_KEY, 1), entry(NEW_VULNERABILITIES_KEY, 0), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
-    assertValues(PROJECT, entry(NEW_VIOLATIONS_KEY, 2), entry(NEW_CRITICAL_VIOLATIONS_KEY, 2), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
+    assertIntValue(PROJECT, entry(NEW_VIOLATIONS_KEY, 2), entry(NEW_CRITICAL_VIOLATIONS_KEY, 2), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
       entry(NEW_CODE_SMELLS_KEY, 1), entry(NEW_BUGS_KEY, 1), entry(NEW_VULNERABILITIES_KEY, 0), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
   }
 
@@ -320,8 +333,48 @@ public class IssueCounterTest {
     underTest.beforeComponent(PROJECT);
     underTest.afterComponent(PROJECT);
 
-    assertValues(FILE1, entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 2), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
-    assertValues(PROJECT, entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 2), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
+    assertIntValue(FILE1, entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 2), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
+    assertIntValue(PROJECT, entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 2), entry(NEW_SECURITY_HOTSPOTS_KEY, 1));
+  }
+
+  @Test
+  public void count_impacts() {
+    when(newIssueClassifier.isEnabled()).thenReturn(true);
+
+    underTest.beforeComponent(FILE1);
+    underTest.onIssue(FILE1, createIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.MAINTAINABILITY,  HIGH));
+    underTest.onIssue(FILE1, createIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.MAINTAINABILITY, MEDIUM));
+
+    underTest.onIssue(FILE1, createNewIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.MAINTAINABILITY, HIGH));
+    underTest.onIssue(FILE1, createNewIssue(RESOLUTION_WONT_FIX, STATUS_RESOLVED, SoftwareQuality.MAINTAINABILITY, HIGH));
+    underTest.onIssue(FILE1, createNewIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.MAINTAINABILITY, MEDIUM));
+
+    underTest.onIssue(FILE1, createIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.SECURITY,  HIGH));
+    underTest.onIssue(FILE1, createIssue(RESOLUTION_WONT_FIX, STATUS_OPEN, SoftwareQuality.SECURITY, MEDIUM));
+
+    underTest.onIssue(FILE1, createNewSecurityHotspot());
+    underTest.afterComponent(FILE1);
+
+    underTest.beforeComponent(PROJECT);
+    underTest.afterComponent(PROJECT);
+
+    Set<Map.Entry<String, Measure>> entries = measureRepository.getRawMeasures(FILE1).entrySet();
+
+    assertSoftwareQualityMeasures(SoftwareQuality.MAINTAINABILITY, Map.of(HIGH, 2, MEDIUM, 2, LOW, 0, "total", 4), entries);
+    assertSoftwareQualityMeasures(SoftwareQuality.SECURITY, Map.of(HIGH, 1, MEDIUM, 1, LOW, 0, "total", 2), entries);
+    assertSoftwareQualityMeasures(SoftwareQuality.RELIABILITY, Map.of(HIGH, 0, MEDIUM, 0, LOW, 0, "total", 0), entries);
+  }
+
+  private void assertSoftwareQualityMeasures(SoftwareQuality softwareQuality, Map<? extends Constable, Integer> expectedRaw,
+    Set<Map.Entry<String, Measure>> actualRaw) {
+    Map<String, Long> expectedMap = expectedRaw.entrySet().stream().collect(Collectors.toMap(k -> k.getKey().toString(), v -> v.getValue().longValue()));
+
+    Map.Entry<String, Measure> softwareQualityMap = actualRaw.stream()
+      .filter(e -> e.getKey().equals(IMPACT_TO_METRIC_KEY.get(softwareQuality.name())))
+      .findFirst()
+      .get();
+
+    assertThat(softwareQualityMap.getValue().getData()).isEqualTo(new Gson().toJson(expectedMap));
   }
 
   @Test
@@ -345,9 +398,9 @@ public class IssueCounterTest {
     underTest.beforeComponent(PROJECT);
     underTest.afterComponent(PROJECT);
 
-    assertValues(FILE1, entry(VIOLATIONS_KEY, 2), entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 3),
+    assertIntValue(FILE1, entry(VIOLATIONS_KEY, 2), entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 3),
       entry(HIGH_IMPACT_ACCEPTED_ISSUES_KEY, 3));
-    assertValues(PROJECT, entry(VIOLATIONS_KEY, 2), entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 3),
+    assertIntValue(PROJECT, entry(VIOLATIONS_KEY, 2), entry(NEW_VIOLATIONS_KEY, 1), entry(NEW_ACCEPTED_ISSUES_KEY, 3),
       entry(HIGH_IMPACT_ACCEPTED_ISSUES_KEY, 3));
   }
 
@@ -400,22 +453,23 @@ public class IssueCounterTest {
     underTest.beforeComponent(PROJECT);
     underTest.afterComponent(PROJECT);
 
-    assertValues(FILE1, entry(NEW_VIOLATIONS_KEY, 0), entry(NEW_CRITICAL_VIOLATIONS_KEY, 0), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
+    assertIntValue(FILE1, entry(NEW_VIOLATIONS_KEY, 0), entry(NEW_CRITICAL_VIOLATIONS_KEY, 0), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
       entry(NEW_VULNERABILITIES_KEY, 0));
-    assertValues(PROJECT, entry(NEW_VIOLATIONS_KEY, 0), entry(NEW_CRITICAL_VIOLATIONS_KEY, 0), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
+    assertIntValue(PROJECT, entry(NEW_VIOLATIONS_KEY, 0), entry(NEW_CRITICAL_VIOLATIONS_KEY, 0), entry(NEW_BLOCKER_VIOLATIONS_KEY, 0), entry(NEW_MAJOR_VIOLATIONS_KEY, 0),
       entry(NEW_VULNERABILITIES_KEY, 0));
   }
 
   @SafeVarargs
-  private final void assertValues(Component componentRef, MapEntry<String, Integer>... entries) {
+  private void assertIntValue(Component componentRef, MapEntry<String, Integer>... entries) {
     assertThat(measureRepository.getRawMeasures(componentRef).entrySet()
       .stream()
+      .filter(e -> e.getValue().getValueType() == Measure.ValueType.INT)
       .map(e -> entry(e.getKey(), e.getValue().getIntValue())))
       .contains(entries);
   }
 
   @SafeVarargs
-  private final void assertMeasures(Component componentRef, Map.Entry<String, Integer>... entries) {
+  private void assertMeasures(Component componentRef, Map.Entry<String, Integer>... entries) {
     List<MeasureRepoEntry> expected = stream(entries)
       .map(e -> entryOf(e.getKey(), newMeasureBuilder().create(e.getValue())))
       .toList();
@@ -429,6 +483,10 @@ public class IssueCounterTest {
   }
 
   private DefaultIssue createNewIssue(@Nullable String resolution, String status, Severity impactSeverity) {
+    return createNewIssue(resolution, status, SoftwareQuality.MAINTAINABILITY, impactSeverity);
+  }
+
+  private DefaultIssue createNewIssue(@Nullable String resolution, String status, SoftwareQuality softwareQuality, Severity impactSeverity) {
     DefaultIssue issue = createNewIssue(resolution, status, MAJOR, CODE_SMELL);
     issue.addImpact(SoftwareQuality.MAINTAINABILITY, impactSeverity);
     return issue;
@@ -445,8 +503,12 @@ public class IssueCounterTest {
   }
 
   private static DefaultIssue createIssue(@Nullable String resolution, String status, Severity impactSeverity) {
+    return createIssue(resolution, status, SoftwareQuality.MAINTAINABILITY, impactSeverity);
+  }
+
+  private static DefaultIssue createIssue(@Nullable String resolution, String status, SoftwareQuality softwareQuality, Severity impactSeverity) {
     DefaultIssue issue = createIssue(resolution, status, MAJOR, CODE_SMELL);
-    issue.addImpact(SoftwareQuality.MAINTAINABILITY, impactSeverity);
+    issue.addImpact(softwareQuality, impactSeverity);
     return issue;
   }
 
diff --git a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/measure/ws/ComponentActionIT.java b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/measure/ws/ComponentActionIT.java
index 41bd51132c6..eff6949d655 100644
--- a/server/sonar-webserver-webapi/src/it/java/org/sonar/server/measure/ws/ComponentActionIT.java
+++ b/server/sonar-webserver-webapi/src/it/java/org/sonar/server/measure/ws/ComponentActionIT.java
@@ -19,6 +19,8 @@
  */
 package org.sonar.server.measure.ws;
 
+import com.google.gson.Gson;
+import java.util.Map;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.server.ws.WebService;
@@ -46,6 +48,7 @@ import static java.lang.Double.parseDouble;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 import static org.assertj.core.api.Assertions.tuple;
+import static org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES;
 import static org.sonar.api.measures.Metric.ValueType.INT;
 import static org.sonar.api.utils.DateUtils.parseDateTime;
 import static org.sonar.api.web.UserRole.USER;
@@ -59,6 +62,9 @@ import static org.sonar.server.component.ws.MeasuresWsParameters.PARAM_COMPONENT
 import static org.sonar.server.component.ws.MeasuresWsParameters.PARAM_METRIC_KEYS;
 import static org.sonar.server.component.ws.MeasuresWsParameters.PARAM_PULL_REQUEST;
 import static org.sonar.test.JsonAssert.assertJson;
+import static org.sonarqube.ws.Common.ImpactSeverity.HIGH;
+import static org.sonarqube.ws.Common.ImpactSeverity.LOW;
+import static org.sonarqube.ws.Common.ImpactSeverity.MEDIUM;
 
 public class ComponentActionIT {
 
@@ -324,7 +330,6 @@ public class ComponentActionIT {
     ProjectData projectData = db.components().insertPrivateProject(p -> p.setEnabled(false));
     ComponentDto mainBranch = projectData.getMainBranchComponent();
     userSession.addProjectPermission(USER, projectData.getProjectDto());
-    userSession.addProjectPermission(USER, projectData.getProjectDto());
     MetricDto metric = db.measures().insertMetric(m -> m.setValueType("INT"));
 
     assertThatThrownBy(() -> {
@@ -356,6 +361,33 @@ public class ComponentActionIT {
       .hasMessage(String.format("Component '%s' on branch '%s' not found", file.getKey(), "another_branch"));
   }
 
+  @Test
+  public void should_return_data_type_measure() {
+    ProjectData projectData = db.components().insertPrivateProject(p -> p.setKey("MY_PROJECT").setName("My Project"));
+    userSession.addProjectPermission(USER, projectData.getProjectDto()).registerBranches(projectData.getMainBranchDto());
+    ComponentDto mainBranch = projectData.getMainBranchComponent();
+    SnapshotDto analysis = db.components().insertSnapshot(mainBranch, s -> s.setPeriodDate(parseDateTime("2016-01-11T10:49:50+0100").getTime())
+      .setPeriodMode("previous_version")
+      .setPeriodParam("1.0-SNAPSHOT"));
+
+    MetricDto metric = db.measures().insertMetric(m -> m.setValueType("DATA")
+      .setShortName(RELIABILITY_ISSUES.getName())
+      .setKey(RELIABILITY_ISSUES.getKey())
+      .setBestValue(null)
+      .setWorstValue(null));
+
+    Map<String, Long> reliabilityIssuesMap = Map.of(HIGH.name(), 1L, MEDIUM.name(), 2L, LOW.name(), 3L, "total", 6L);
+    String expectedJson = new Gson().toJson(reliabilityIssuesMap);
+    db.measures().insertLiveMeasure(mainBranch, metric, m -> m.setData(expectedJson));
+
+    db.commit();
+
+    ComponentWsResponse response = newRequest(projectData.projectKey(), RELIABILITY_ISSUES.getKey());
+    String json = response.getComponent().getMeasures(0).getValue();
+
+    assertThat(json).isEqualTo(expectedJson);
+  }
+
   @Test
   public void shouldReturnRenamedMetric() {
     ProjectData projectData = db.components().insertPrivateProject(p -> p.setKey("MY_PROJECT")
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
index 3106b59679b..df415e0af1c 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentAction.java
@@ -96,6 +96,7 @@ public class ComponentAction implements MeasuresWsAction {
       .setResponseExample(getClass().getResource("component-example.json"))
       .setSince("5.4")
       .setChangelog(
+        new Change("10.4", "Added new accepted values for the 'metricKeys' param: 'maintainability_issues', 'reliability_issues', 'security_issues'"),
         new Change("10.4", "The metrics 'open_issues', 'reopened_issues' and 'confirmed_issues' are now deprecated in the response. Consume 'violations' instead."),
         new Change("10.4", "The use of 'open_issues', 'reopened_issues' and 'confirmed_issues' values in 'metricKeys' param are now deprecated. Use 'violations' instead."),
         new Change("10.4", "The metric 'wont_fix_issues' is now deprecated in the response. Consume 'accepted_issues' instead."),
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
index 166a1498005..f2589b80489 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/ComponentTreeAction.java
@@ -181,6 +181,7 @@ public class ComponentTreeAction implements MeasuresWsAction {
       .setHandler(this)
       .addPagingParams(100, MAX_SIZE)
       .setChangelog(
+        new Change("10.4", "Added new accepted values for the 'metricKeys' param: 'maintainability_issues', 'reliability_issues', 'security_issues'"),
         new Change("10.4", "The metrics 'open_issues', 'reopened_issues' and 'confirmed_issues' are now deprecated in the response. Consume 'violations' instead."),
         new Change("10.4", "The use of 'open_issues', 'reopened_issues' and 'confirmed_issues' values in 'metricKeys' param are now deprecated. Use 'violations' instead."),
         new Change("10.4", "The metric 'wont_fix_issues' is now deprecated in the response. Consume 'accepted_issues' instead."),
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/SearchAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/SearchAction.java
index 409641c7e38..28100a08242 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/SearchAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/measure/ws/SearchAction.java
@@ -19,7 +19,6 @@
  */
 package org.sonar.server.measure.ws;
 
-import com.google.common.collect.ImmutableSet;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashSet;
@@ -66,7 +65,7 @@ import static org.sonar.server.ws.WsUtils.writeProtobuf;
 public class SearchAction implements MeasuresWsAction {
 
   private static final int MAX_NB_PROJECTS = 100;
-  private static final Set<String> ALLOWED_QUALIFIERS = ImmutableSet.of(PROJECT, APP, VIEW, SUBVIEW);
+  private static final List<String> ALLOWED_QUALIFIERS = List.of(PROJECT, APP, VIEW, SUBVIEW);
 
   private final UserSession userSession;
   private final DbClient dbClient;
@@ -88,6 +87,7 @@ public class SearchAction implements MeasuresWsAction {
       .setResponseExample(getClass().getResource("search-example.json"))
       .setHandler(this)
       .setChangelog(
+        new Change("10.4", "Added new accepted values for the 'metricKeys' param: 'maintainability_issues', 'reliability_issues', 'security_issues'"),
         new Change("10.4", "The metrics 'open_issues', 'reopened_issues' and 'confirmed_issues' are now deprecated in the response. Consume 'violations' instead."),
         new Change("10.4", "The use of 'open_issues', 'reopened_issues' and 'confirmed_issues' values in 'metricKeys' param are now deprecated. Use 'violations' instead."),
         new Change("10.4", "The metric 'wont_fix_issues' is now deprecated in the response. Consume 'accepted_issues' instead."),
diff --git a/sonar-core/src/main/resources/org/sonar/l10n/core.properties b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
index 2f8e794111c..07a721c42c2 100644
--- a/sonar-core/src/main/resources/org/sonar/l10n/core.properties
+++ b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
@@ -3271,6 +3271,12 @@ metric.new_accepted_issues.name=New Accepted Issues
 metric.new_accepted_issues.description=New accepted issues
 metric.high_impact_accepted_issues.name=High Impact Accepted Issues
 metric.high_impact_accepted_issues.description=Accepted issues with high impact
+metric.maintainability_issues.name=Maintainability Issues
+metric.maintainability_issues.description=Maintainability issues
+metric.reliability_issues.name=Reliability Issues
+metric.reliability_issues.description=Reliability issues
+metric.security_issues.name=Security Issues
+metric.security_issues.description=Security issues
 
 #------------------------------------------------------------------------------
 #
-- 
2.39.5