IRL
What is LIRL?
LIRL stands for Lineaje Inherent Risk Score. The inherent risk is represented as LIRL on a scale of 0-10.
ZIRL 0: Zero IRL. Zero risk with this component/project. This is the preferred IRL.
LIRL: Low IRL. Risk score falls between 0.1 and 3.9. The component/project carries a lower risk.
MIRL: Medium IRL. Risk score falls between 4.0 and 6.9. The component/project carries a medium risk.
HIRL: High IRL. Risk score falls between 7.0 and 8.9. The component/project carries a high risk.
CIRL 4: Critical IRL. Risk score falls between 9.0 and 10.0. The component/project carries critical risk.
How is IRL calculated?
IRL is calculated from four factors: age, vulnerability score, code quality score, and security posture score. It is a weighted average of these factors.
IRL of project = mean(components IRL in dependency tree)
| IRL contributor | Weightage | Description |
| --- | --- | --- |
| Vulnerability | 80% weightage | |
| Unmaintained Component | 10% weightage | |
| Security Posture | 5% weightage | |
| Code Quality | 5% weightage | |
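The sketch below is an added example, not Lineaje's code. It applies the weights and bands above to constructed data and shows how a project mean can sit in a lower band than its worst component. It assumes each factor is scored on the same 0-10 scale, that the "age" factor corresponds to the "Unmaintained Component" row, and that scores are rounded to one decimal; all function and component names are hypothetical.

```python
from statistics import mean

# Weights from the table on this page. Mapping the "age" factor to the
# "Unmaintained Component" row is an assumption.
WEIGHTS = {"vulnerability": 0.80, "unmaintained": 0.10,
           "security_posture": 0.05, "code_quality": 0.05}

# Upper bound of each band, as listed on this page.
BANDS = [(0.0, "ZIRL"), (3.9, "LIRL"), (6.9, "MIRL"), (8.9, "HIRL"), (10.0, "CIRL")]


def component_irl(factors):
    """Weighted average of the four factor scores (assumed 0-10 each)."""
    if set(factors) != set(WEIGHTS):
        raise ValueError(f"expected factors {sorted(WEIGHTS)}")
    if any(not 0.0 <= s <= 10.0 for s in factors.values()):
        raise ValueError("factor scores must be within 0-10")
    return round(sum(WEIGHTS[k] * factors[k] for k in WEIGHTS), 1)


def band(score):
    """Map a score to its band; rounding to one decimal closes the 3.9/4.0 gaps."""
    score = round(score, 1)
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"score {score} is outside 0-10")
    return next(name for upper, name in BANDS if score <= upper)


def project_irl(components):
    """Mean of component IRLs; assumes each component in the tree counts once."""
    scores = {name: component_irl(f) for name, f in components.items()}
    return round(mean(scores.values()), 1), scores


# Constructed sample data, not real components.
SAMPLE = {
    "lib-a": {"vulnerability": 0, "unmaintained": 0, "security_posture": 0, "code_quality": 0},
    "lib-b": {"vulnerability": 2, "unmaintained": 5, "security_posture": 4, "code_quality": 6},
    "lib-c": {"vulnerability": 10, "unmaintained": 8, "security_posture": 6, "code_quality": 4},
}

if __name__ == "__main__":
    total, per_component = project_irl(SAMPLE)
    for name, s in per_component.items():
        print(f"{name}: {s} {band(s)}")
    print(f"project: {total} {band(total)}")
```

With this sample the project lands in MIRL even though one component is CIRL, so reviewing the per-component scores alongside the project mean keeps a single critical dependency from being averaged out of view.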