In my latest update i share how we got up in running over just 9 days.
https://repowatch.io/blog/repowatch-week-one-what-we-built
You can read about all the features we released and how the latest Complexity Risk Score works.
How Complexity Risk Score works
Complexity Risk measures how likely a codebase is to have performance scaling problems — without executing any code.
The scanner reads every source file and uses pattern matching to detect common code shapes that tend to slow down as data grows:
Nested loops (loop inside a loop) — flagged as O(n²), "grows fast"
Linear search inside a loop (.find/.filter/.includes in a loop body) — also O(n²)
Sorting inside a loop — O(n log n), "moderate growth"
Network/DB calls inside a loop (fetch, prisma, etc.) — O(n), scales linearly with data
Each detected pattern gets a fixed risk rating (72–92), a complexity class label, a 4-line code snippet, and a language-specific refactoring suggestion.
The top 3 worst findings drive the score — starting from a perfect 100 and deducting 6–20 points each based on severity, with a small extra penalty if more than 3 hotspots exist. When nothing is found, the panel flips to green "all clear" signals for each pattern category.
Complexity Risk contributes 10% of the overall repo health score, alongside Code Quality (30%), Test Confidence (25%), Security Hygiene (25%), and AI Risk Indicators (10%).
Comments (2)
This is going to help a lot of people. And if you ever need DDoS protection with a proper firewall for your website, just let us know!
I built RepoWatch for a problem I kept seeing over and over: codebases that run, people depend on them, but nobody is fully confident owning them. I'd love to get feedback so please reach out.