# IRL

### What is LIRL?

LIRL stands for Lineaje Inherent Risk Score. The inherent risk is represented as LIRL in a scale of 0-10

* ZIRL 0: Zero IRL. Zero risk with this component/project. This is the preferred IRL.
* LIRL : Low IRL. Risk score falls between 0.1 to 3.9. The component/project carries a lower risk
* MIRL: Medium IRL. Risk score falls between 4.0 to 6.9. The component/project carries a medium risk
* HIRL: High IRL. Risk score falls between 7.0 to 8.9. The component/project carries a high risk
* CIRL 4: Critical IRL. Risk score falls between 9.0 to 10.0. The component/project carries critical risk

### How is IRL calculated?

IRL is calculated based on 4 factors - age, vulnerability score, code quality score, security posture score. IRL is calculated as a weighted average.

                                    **IRL of project = mean(components IRL in dependency tree)**

<table data-header-hidden><thead><tr><th width="165"></th><th width="150"></th><th></th></tr></thead><tbody><tr><td><strong>IRL contributor</strong></td><td><strong>Weightage</strong></td><td><strong>Description</strong></td></tr><tr><td>Vulnerability</td><td>80% weightage</td><td><ul><li>3.0 score if atleast one exploitable vulnerability found</li><li>2.0 score if atleast one critical vulnerability found</li><li>1.5 score if atleast one high vulnerability found</li><li>1.0 score if atleast one medium vulnerability found</li><li>0.5 score if atleast one low vulnerability found</li></ul></td></tr><tr><td>Unmaintained Component</td><td>10% weightage</td><td><ul><li>1.0 score based on maintained/unmaintained (0.0 or 1.0)</li></ul></td></tr><tr><td>Security Posture</td><td>5% weightage</td><td><ul><li>0.5 rating based on atleast one security posture issue (0.0 or 0.5)</li></ul></td></tr><tr><td>Code Quality</td><td>5% weightage</td><td><ul><li>0.5 rating based on atleast one Code Quality issue (0.0 or 0.5)</li></ul></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veedna.com/sbom360-osm/explore-your-sbom/irl.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.