If an individual contribution to a codebase passes the audit, that contribution is certified. If every contribution to a codebase has been certified – or the entire codebase has passed and been certified as one contribution – the codebase is certified.
If the public code audit process is added to a codebase later in its development, new merge requests can be certified but the existing code cannot be. By auditing every contribution the codebase can move towards being completely certified. For the codebase to be completely certified every meaningful line of code, and the commits behind the code, must meet the Standard for Public Code.
Read more about codebase stewardship for existing projects.