Technical Product Management Course · by Stanislav Belyaev
EN RU

Change Failure Rate (CFR)

3 outgoing · 19 incoming · 22 total connections

Map Detail
Delivery & Pipeline AMPLIFIED IN MONOREPO

Change Failure Rate (CFR)

Change Failure Rate measures the percentage of production deployments that result in a degraded service requiring rollback, hotfix, or emergency remediation. It serves as a quality gate for the delivery pipeline, revealing whether speed is being achieved at the expense of reliability. A low CFR indicates that testing, review, and release processes are effectively catching defects before they reach users.

Percentage of deployments causing service degradation. Elite level: <5%; Entry level: >30%.

MONOREPO CONTEXT

AMPLIFIED: A bug in a shared library can impact dozens of services simultaneously. Without strict blast radius controls, a single bad commit can have organization-wide consequences. Mitigated by automated presubmit testing of all affected dependencies (e.g., Google's approach).

Scale Impact
👤 Solo / Pair (1–3)
0.4
👥 Team (4–15)
0.5
🏢 Department (15–100)
0.7
🏛️ Organization (100+)
1

Blast radius grows with shared codebase size. DORA finds only 8.5% of orgs achieve 0-2% failure rate — it gets exponentially harder at scale.

3
Influences
19
Influenced by

→ Influences

Incident Frequency

More failures → more incidents.

Direct causal
GitLab DORA Metrics Documentation
Deployment Frequency

High failure → deployment aversion.

Risk aversion
Incident.io DORA Hub
Developer Satisfaction

Failures → fear culture around shipping.

Deployment anxiety
DORA Well-being Documentation

← Influenced by

Medium CriticalMONODIST
Code Review Turnaround

Pressure to skip thorough reviews → rubber-stamping.

PRs waiting 3+ days: less thorough
PropelCode, Cubic, ITProToday
Monorepo: Cross-team PRs in monorepos often require multiple CODEOWNER approvals, adding latency and rubber-stamp pressure.
Distributed: Multi-day review cycles create pressure to rubber-stamp. Reviewers in other TZs may not have full context of recent changes.
PR Size

>1,000 lines → 70% lower defect detection.

<300 lines get 60% more thorough reviews
SmartBear/Cisco (2,500 reviews), PropelCode, Microsoft
Code Coverage

Higher coverage catches more bugs pre-production.

Google thresholds
Google + industry standards
Context Switching

Divided attention increases error rates.

Cognitive science
American Psychological Association, UC Irvine
Flow State

Deep focus → higher quality code.

Up to 500% productivity
Csikszentmihalyi 10-year study, Stack Overflow 2023
Cognitive Load

Overloaded devs make more mistakes.

Primary error cause
Developer productivity research consensus
Developer Satisfaction

Engaged devs take more care.

4–5× quality at top DXI
Developer Experience Index (DXI)
Environment Parity

Eliminates 'works on my machine' bugs.

12-Factor App
12-Factor App methodology
Technical Debt

Fragile code breaks more often under change.

DORA change failure rate benchmarks
Code Complexity

Bug density rises above threshold.

>20 = high risk
Code quality research
Feature Flags

Progressive rollouts catch issues at small blast radius.

Reduces blast radius
LaunchDarkly DORA Metrics Guide
Deployment Frequency

Smaller, frequent deploys reduce risk.

Throughput ≠ stability trade-off
DORA Official Guide
High CriticalDIST
Code Ownership Clarity

Clear ownership ensures proper review of changes. Without it, shared code gets modified without expert review.

Google: every directory has code owners
Google Engineering, Aviator, arXiv study
Distributed: Without TZ-distributed ownership, shared code changes are reviewed by whoever is online rather than domain experts, reducing review quality.
Shared Lib Blast Radius

A shared utility change affecting 50 services has 50× the blast radius of a single-service change.

Google uses Rosie for automated Large-Scale Changes
Google SRE Book, DORA Research
Distributed: A shared library bug deployed while domain experts are asleep in another TZ has organization-wide impact with no one available who understands the change.
Async Comm Quality

Better PR descriptions give reviewers full context even without real-time discussion, improving review thoroughness.

DORA: faster reviews → 50% better delivery; LinearB: workflow automation improves quality
Code review research
Review Timezone Coverage

Domain expert reviewers per TZ means code reviewed by people who understand it, not just whoever is online.

Expert review > available review
Code review research
AI Tools Adoption Rate

AI adoption correlates with decreased delivery stability. AI-generated code introduces more bugs that slip through initial review.

DORA 2024: negative relationship between AI adoption and delivery stability
DORA 2025 State of AI-Assisted Software Development
AI Security Vuln Rate

45-51% of AI code has security flaws. Directly increases production failures and security incidents.

45-51% vulnerability rate
Veracode 2025 GenAI Code Security Report - Already Validated
AI Tech Debt Rate

Surge in code duplication (+8x) and 40% drop in refactoring leads to 'copy-paste' debt that human reviewers miss, increasing production bugs.

GitClear 2024: 'mistake code' committed rose from 5.5% to 7.9% with AI.
GitClear 2024-2025 Research
Metrics map by Stanislav Belyaev · Analysis powered by Anthropic Claude Opus 4.6 · All data validated by human experts