Xray calculates the Operational Risk as High, Medium, Low, and None (no known risk) using the following criteria. For information on how Xray calculates operational risk effective severity, see the table Calculating Operational Risk Effective Severity further below.
Risk | Type | Severity | Notes |
---|---|---|---|
End-of-Life | Boolean | High = True None = False | |
Version Age | Number | Number of months since release / 10 High >= 4 Medium > 2 and < 4 Low > 1 and <= 2 None (no risk) <=1 | |
Number of New Versions | Number | Number of versions since / 2 High >= 6 Medium >= 4 and < 6 Low >= 2 and < 4 None (no risk) < 2 | |
Health of Open Source Project | |||
Release cadence per year | Healthy >= 2 releases Unhealthy <= 1 | This includes all releases. Including any dot releases and patch releases if they are GA releases. When there is no data, it is presumed as healthy | |
Number of commits per year | Healthy >= 100 commits Unhealthy < 100 commits | ||
Number of committers per year | Healthy > = 5 committers Unhealthy < 5 c ommitters |
Calculating Operational Risk Effective Severity
# | EOL | Health | # of new versions | Version Age | Combine Severity | Risk Reason |
---|---|---|---|---|---|---|
1 | High | Any | Any | Any | High | EOL |
2 | None | High Risk | Any | Any | High | Health |
3 | None | No Risk | High | None, Low, Medium, High | High | Number of new versions and Version Age (only when High) |
4 | None | No Risk | Medium | None, Low, Medium | Medium | Number of new versions and Version Age (only when Medium) |
5 | None | No Risk | Low | None, Low | Low | Number of new versions and Version Age (only when Low) |
6 | None | No Risk | None | None | None | No given reason |
7 | None | No Risk | None, Low, Medium, High | High | High | Version Age and number of new versions (only when High) |
8 | None | No Risk | None, Low, Medium | Medium | Medium | Version Age and number of new versions (only when Medium) |
9 | None | No Risk | None, Low | Low | Low | Version Age and number of new versions (only when Low) |