Skip to main content

Repository Importance Score

The Repository Importance Score indicates the relative criticality of a repository, allowing you to focus on the most critical repositories, thereby enabling you to make informed decisions about security vulnerabilities and safeguard the integrity of business-critical functionalities.

Application Security assigns an importance score to a repository based on factors including maintenance frequency, usage, characteristics, path to production and more. The importance score ranges between 1-4 (Low), 5-7 (Medium) and 8-10 (High).

Instead of the system-calculated importance score, you can assign a custom importance score to a repository to indicate its criticality relative to other repositories. This allows you to incorporate additional context beyond the calculated metrics, reflecting your organization's specific evaluation of the repository's importance. Once set, the system uses the custom repository importance score.

The following endpoints allow you to retrieve and set the calculated repository importance scores.

  • Retrieve Calculated Scores: You can retrieve the pre-calculated importance scores for repositories. The score reflects the relative criticality of each repository for security purposes based on the amount of commits and other factors such as business impact.

  • Set Custom Scores (Optional): Additionally, you can set a custom score for a repository. This allows you to incorporate additional context beyond the calculated metrics, reflecting your organization's evaluation of the repository's importance. When set, custom scores override system scores.