Softagram impact reports provide insight on riskiness of changed files. Riskiness of a single file is a product of multiple metrics gathered during Softagram analysis process. It is currently based on the following metrics:
change density - how many times has the file been changed during last year
code complexity - lines of code is used as a coarse but good language-agnostic complexity metric
technical debt - ratio of fix commits vs. other commits during the last year, as an indicator of level of technical debt
coupling - incoming dependency count i.e. how many "users" does the file have
Risk level is normalized to a scale of 0..100. Currently it is based on fixed, metric-wise thresholds that are tuned manually as we get more understanding. In the future it will become more dynamic and adaptive to each repository's relative risk levels. In impact reports you'll only see the top 5 riskiest files. Files with risk level less than 10 are not listed at all.
Want to learn more? Read about the other metrics calculated during analysis: Softagram attributes explained