All Collections
Softagram Risk Score explained
Softagram Risk Score explained

How Softagram Risk Score is calculated

Matti Mäki avatar
Written by Matti Mäki
Updated over a week ago

Softagram impact reports provide insight on riskiness of changed files. Riskiness of a single file is a product of multiple metrics gathered during Softagram analysis process. It is currently based on the following metrics:

  • change density - how many times has the file been changed during last year

  • code complexity - lines of code is used as a coarse but good language-agnostic complexity metric

  • technical debt - ratio of fix commits vs. other commits during the last year, as an indicator of level of technical debt

  • coupling - incoming dependency count i.e. how many "users" does the file have

Risk level is normalized to a scale of 0..100. Currently it is based on fixed, metric-wise thresholds that are tuned manually as we get more understanding. In the future it will become more dynamic and adaptive to each repository's relative risk levels. In impact reports you'll only see the top 5 riskiest files. Files with risk level less than 10 are not listed at all.

Want to learn more? Read about the other metrics calculated during analysis: Softagram attributes explained

Did this answer your question?