I’ve heard managers ask developers this question. It’s like the number of lines changed is going to mitigate risk somehow. The unstated assumption is: the more code this guy writes the higher the chance of him introducing a bug. Trust is at an all time low; the brittleness of the system an all time high.
Almost every system could be compromised with a one line change. Ask yourself what that one line would be for your system. I’m sure you’ll come up with one.
What’s disturbing about this question is that managers are now making calls on how and how much code is written. That’s like me asking an electrician “is it a one wire change?” It makes no more sense in that scenario either.