@eduardbar/drift 1.1.0 → 1.3.0

package/.github/workflows/publish-vscode.yml

@@ -24,14 +24,14 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.event_name == 'release' && github.ref || github.event.repository.default_branch }}
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v5
         with:
-          node-version: '20'
+          node-version: '22'
           cache: 'npm'
           cache-dependency-path: packages/vscode-drift/package-lock.json
 

package/.github/workflows/publish.yml

@@ -18,14 +18,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.event_name == 'workflow_dispatch' && format('refs/tags/v{0}', inputs.tag) || github.ref }}
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v5
         with:
-          node-version: '20'
+          node-version: '22'
           registry-url: 'https://registry.npmjs.org'
           cache: 'npm'
 

package/.github/workflows/review-pr.yml

@@ -0,0 +1,153 @@
+name: Drift PR Review
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  drift-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      # Run directly from TypeScript source in this PR to avoid stale dist artifacts.
+      - name: Generate drift review markdown
+        run: npx --no-install tsx ./src/cli.ts review --base "origin/${{ github.base_ref }}" --comment > drift-review.md
+
+      - name: Generate drift trust markdown
+        run: npx --no-install tsx ./src/cli.ts trust . --base "origin/${{ github.base_ref }}" --markdown --json-output drift-trust.json > drift-trust.md
+
+      - name: Extract trust KPI values
+        id: trust_kpi
+        run: |
+          node --input-type=module -e "
+            import fs from 'node:fs'
+            const payload = JSON.parse(fs.readFileSync('drift-trust.json', 'utf8'))
+            const score = payload.trust_score ?? 'n/a'
+            const risk = payload.merge_risk ?? 'n/a'
+            const diff = payload.diff_context ?? {}
+            const newIssues = diff.newIssues ?? 'n/a'
+            const resolvedIssues = diff.resolvedIssues ?? 'n/a'
+            fs.appendFileSync(process.env.GITHUB_OUTPUT, [
+              'trust_score=' + score,
+              'merge_risk=' + risk,
+              'new_issues=' + newIssues,
+              'resolved_issues=' + resolvedIssues,
+            ].join('\\n') + '\\n')
+          "
+
+      - name: Publish trust KPI step summary
+        run: |
+          {
+            echo "## drift trust KPI"
+            echo
+            echo "- Trust score: **${{ steps.trust_kpi.outputs.trust_score }}**"
+            echo "- Merge risk: **${{ steps.trust_kpi.outputs.merge_risk }}**"
+            echo "- New issues vs base: **${{ steps.trust_kpi.outputs.new_issues }}**"
+            echo "- Resolved issues vs base: **${{ steps.trust_kpi.outputs.resolved_issues }}**"
+          } >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Validate trust gate from generated JSON
+        run: |
+          set -euo pipefail
+          npx --no-install tsx ./src/cli.ts trust-gate drift-trust.json --min-trust 40 --max-risk HIGH | tee drift-trust-gate.txt
+
+      - name: Aggregate trust KPI from trust JSON artifact
+        run: npx --no-install tsx ./src/cli.ts kpi drift-trust.json --no-summary > drift-trust-kpi.json
+
+      - name: Extract aggregated KPI values
+        id: trust_kpi_aggregate
+        run: |
+          node --input-type=module -e "
+            import fs from 'node:fs'
+            const payload = JSON.parse(fs.readFileSync('drift-trust-kpi.json', 'utf8'))
+            const files = payload.files ?? {}
+            const trustScore = payload.trustScore ?? {}
+            const highRiskRatio = payload.highRiskRatio
+            fs.appendFileSync(process.env.GITHUB_OUTPUT, [
+              'matched=' + (files.matched ?? 'n/a'),
+              'parsed=' + (files.parsed ?? 'n/a'),
+              'malformed=' + (files.malformed ?? 'n/a'),
+              'prs=' + (payload.prsEvaluated ?? 'n/a'),
+              'avg=' + (trustScore.average ?? 'n/a'),
+              'high_risk_ratio=' + (highRiskRatio == null ? 'n/a' : Number(highRiskRatio * 100).toFixed(2) + '%'),
+            ].join('\\n') + '\\n')
+          "
+
+      - name: Publish trust KPI aggregate summary
+        run: |
+          {
+            echo
+            echo "## drift trust KPI aggregate"
+            echo
+            echo "- Files matched/parsed/malformed: **${{ steps.trust_kpi_aggregate.outputs.matched }} / ${{ steps.trust_kpi_aggregate.outputs.parsed }} / ${{ steps.trust_kpi_aggregate.outputs.malformed }}**"
+            echo "- PR samples evaluated: **${{ steps.trust_kpi_aggregate.outputs.prs }}**"
+            echo "- Aggregate trust score avg: **${{ steps.trust_kpi_aggregate.outputs.avg }}**"
+            echo "- High-risk ratio (HIGH+CRITICAL): **${{ steps.trust_kpi_aggregate.outputs.high_risk_ratio }}**"
+          } >> "$GITHUB_STEP_SUMMARY"
+
+      - name: Upload drift trust JSON artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: drift-trust-json-pr-${{ github.event.pull_request.number }}-run-${{ github.run_attempt }}
+          path: |
+            drift-trust.json
+            drift-trust-gate.txt
+            drift-trust-kpi.json
+          if-no-files-found: error
+          retention-days: 14
+
+      - name: Post or update PR comment (non-fork only)
+        if: github.event.pull_request.head.repo.fork == false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          REPO: ${{ github.repository }}
+        run: |
+          COMMENT_BODY="<!-- drift-review -->"
+          COMMENT_BODY+=$'\n'
+          COMMENT_BODY+="## drift trust"$'\n\n'
+          COMMENT_BODY+="$(cat drift-trust.md)"
+          COMMENT_BODY+=$'\n\n'
+          COMMENT_BODY+="## drift review"$'\n\n'
+          COMMENT_BODY+="$(cat drift-review.md)"
+          COMMENT_BODY+=$'\n\n'
+          COMMENT_BODY+="<!-- drift-trust-kpi score=${{ steps.trust_kpi.outputs.trust_score }} risk=${{ steps.trust_kpi.outputs.merge_risk }} new=${{ steps.trust_kpi.outputs.new_issues }} resolved=${{ steps.trust_kpi.outputs.resolved_issues }} -->"
+
+          EXISTING_ID=$(gh api "repos/$REPO/issues/$PR_NUMBER/comments" --jq '.[] | select(.user.login == "github-actions[bot]") | select(.body | contains("<!-- drift-review -->")) | .id' | sed -n '1p')
+
+          if [ -n "$EXISTING_ID" ]; then
+            gh api -X PATCH "repos/$REPO/issues/comments/$EXISTING_ID" -f "body=$COMMENT_BODY"
+          else
+            gh api -X POST "repos/$REPO/issues/$PR_NUMBER/comments" -f "body=$COMMENT_BODY"
+          fi
+
+      - name: Fallback summary for fork PRs
+        if: github.event.pull_request.head.repo.fork == true
+        run: |
+          {
+            echo "## drift trust"
+            echo
+            cat drift-trust.md
+            echo
+            echo "## drift review"
+            echo
+            cat drift-review.md
+          } >> "$GITHUB_STEP_SUMMARY"
+

package/AGENTS.md

@@ -106,6 +106,11 @@ npm run test:watch # vitest (watch mode)
 | `--ai` | boolean | JSON optimizado para LLMs (`AIOutput`) |
 | `--fix` | boolean | Muestra sugerencias de fix en consola |
 | `--min-score <n>` | number | Exit code 1 si score supera umbral (CI) |
+| `--low-memory` | boolean | Activa análisis por chunks para bajar el pico de RAM |
+| `--chunk-size <n>` | number | Cantidad de archivos por chunk en low-memory mode |
+| `--max-files <n>` | number | Límite blando de archivos analizados (el resto se reporta como skip) |
+| `--max-file-size-kb <n>` | number | Saltea archivos grandes y agrega diagnóstico de skip |
+| `--with-semantic-duplication` | boolean | Rehabilita semantic-duplication en low-memory mode |
 
 **Uso básico:**
 ```bash
@@ -114,6 +119,7 @@ npx @eduardbar/drift scan ./src --min-score 60
 npx @eduardbar/drift scan ./src --ai | pbcopy   # pegar en Claude/GPT
 npx @eduardbar/drift scan ./src --fix           # ver sugerencias inline
 npx @eduardbar/drift scan ./src -o report.md    # exportar Markdown
+npx @eduardbar/drift scan ./src --low-memory --max-file-size-kb 1024
 ```
 
 ---

package/README.md

@@ -1,8 +1,8 @@
-![drift — technical debt detector for AI-generated code](./assets/og.png)
+![drift - AI Code Audit CLI for merge trust](./assets/og.png)
 
 # drift
 
-Detect technical debt in AI-generated TypeScript code. One command. Zero config.
+AI Code Audit CLI for AI-assisted PRs. Drift turns static signals into merge trust decisions before you merge.
 
 ![npm](https://img.shields.io/npm/v/@eduardbar/drift?color=6366f1&label=npm)
 ![license](https://img.shields.io/badge/license-MIT-green.svg)
@@ -20,7 +20,7 @@ AI coding tools ship code fast. They also leave behind consistent, predictable s
 
 GitClear's 2024 analysis of 211M lines of code found a **39.9% drop in refactoring activity** and an **8x increase in duplicated code blocks** since AI tools became mainstream. A senior engineer on r/vibecoding put it plainly: _"The code looks reviewed. It isn't. Nobody's reading 400-line files the AI dumped in one shot."_
 
-drift gives you a 0–100 score per file and project so you know what to look at before it reaches production.
+drift gives you debt signals (`scan`, `review`) and a trust decision layer (`trust`) so teams can merge with confidence instead of guesswork.
 
 **How drift compares to existing tools:**
 
@@ -50,6 +50,7 @@ npm install --save-dev @eduardbar/drift
 ## Product Docs
 
 - Product requirements and roadmap: [`docs/PRD.md`](./docs/PRD.md)
+- Trust core release checklist: [`docs/trust-core-release-checklist.md`](./docs/trust-core-release-checklist.md)
 - Contributor/agent workflow guide: [`docs/AGENTS.md`](./docs/AGENTS.md)
 
 ---
@@ -68,6 +69,7 @@ drift scan ./src --json
 drift scan ./src --ai
 drift scan ./src --fix
 drift scan ./src --min-score 50
+drift scan ./src --low-memory --max-file-size-kb 1024
 ```
 
 **Options:**
@@ -79,6 +81,11 @@ drift scan ./src --min-score 50
 | `--ai` | Output structured JSON optimized for LLM consumption (Claude, GPT, etc.) |
 | `--fix` | Print inline fix suggestions for each detected issue |
 | `--min-score <n>` | Exit with code 1 if the overall score meets or exceeds this threshold |
+| `--low-memory` | Analyze files in bounded chunks to reduce peak RAM |
+| `--chunk-size <n>` | Files per chunk in low-memory mode (default: 40) |
+| `--max-files <n>` | Soft cap on analyzed files; extra files are skipped with diagnostics |
+| `--max-file-size-kb <n>` | Skip oversized files with diagnostics to avoid OOM |
+| `--with-semantic-duplication` | Keep semantic duplication rule enabled in low-memory mode |
 
 **Example output:**
 
@@ -146,11 +153,96 @@ drift review --base origin/main --fail-on 5
 | `--comment` | Print only the markdown body for PR comments |
 | `--fail-on <n>` | Exit code 1 when score delta is greater than or equal to `n` |
 
+`drift review` is best used as supplementary diff context alongside `drift trust` in pull-request workflows.
+
+---
+
+### `drift trust [path]`
+
+Compute merge trust baseline for local checks and CI merge gates.
+
+```bash
+drift trust
+drift trust ./src
+drift trust ./src --json
+drift trust ./src --base origin/main
+drift trust ./src --base origin/main --markdown
+drift trust ./src --markdown --output trust.md
+drift trust ./src --min-trust 45
+drift trust ./src --max-risk HIGH
+drift trust ./src --branch main
+drift trust ./src --branch release/v1.4.0 --policy-pack strict --explain-policy
+drift trust ./src --advanced-trust
+drift trust ./src --advanced-trust --previous-trust ./artifacts/prev-trust.json
+drift trust ./src --advanced-trust --history-file ./drift-history.json --markdown
+```
+
+| Flag | Description |
+|------|-------------|
+| `--base <ref>` | Compare against a git base ref and include deterministic diff-aware penalties/bonuses |
+| `--json` | Output structured trust JSON (`trust_score`, `merge_risk`, `top_reasons`, `fix_priorities`, optional `diff_context`) |
+| `--markdown` | Output PR-ready markdown trust summary |
+| `--output <file>` | Write selected trust output format to file |
+| `--min-trust <n>` | Exit code 1 when trust score is below `n` |
+| `--max-risk <level>` | Exit code 1 when computed merge risk exceeds `LOW`, `MEDIUM`, `HIGH`, or `CRITICAL` |
+| `--branch <name>` | Branch used for `drift.config` trust policy matching (falls back to CI env vars) |
+| `--policy-pack <name>` | Optional trust policy pack from `trustGate.policyPacks` in `drift.config.*` |
+| `--explain-policy` | Print base/pack/branch/override resolution and effective gate policy to stderr |
+| `--advanced-trust` | Enable optional advanced trust layer (historical comparison + team guidance metadata) |
+| `--previous-trust <file>` | Compare current trust against a prior trust JSON file in advanced mode |
+| `--history-file <file>` | Use a specific `drift-history.json` file for advanced historical fallback |
+
+When `trustGate` policy is configured in `drift.config.*`, branch-based thresholds are applied automatically. CLI flags still override policy values.
+
+---
+
+### `drift trust-gate <trust-json-file>`
+
+Evaluate trust gate thresholds from a previously generated trust JSON file. This is ideal for CI workflows that already produced `drift-trust.json` and want a single source of truth for gate logic.
+
+```bash
+drift trust-gate drift-trust.json --min-trust 45 --max-risk HIGH
+drift trust-gate drift-trust.json --branch release/v1.2.0
+drift trust-gate drift-trust.json --branch main --policy-pack balanced --explain-policy
+```
+
+| Flag | Description |
+|------|-------------|
+| `--min-trust <n>` | Exit code 1 when trust score in JSON is below `n` |
+| `--max-risk <level>` | Exit code 1 when merge risk in JSON exceeds `LOW`, `MEDIUM`, `HIGH`, or `CRITICAL` |
+| `--branch <name>` | Branch used for `drift.config` trust policy matching (falls back to CI env vars) |
+| `--policy-pack <name>` | Optional trust policy pack from `trustGate.policyPacks` in `drift.config.*` |
+| `--explain-policy` | Print base/pack/branch/override resolution and effective gate policy to stderr |
+
+---
+
+### `drift kpi <path>`
+
+Aggregate trust KPI evidence from local artifacts (directory or glob). Prints a compact console summary to stderr and structured KPI JSON to stdout.
+
+```bash
+drift kpi ./artifacts/trust
+drift kpi "./artifacts/**/drift-trust-*.json"
+drift kpi ./artifacts/trust --no-summary
+```
+
+| Flag | Description |
+|------|-------------|
+| `--no-summary` | Disable stderr console summary and output JSON only |
+
+Computed KPI fields include:
+- PRs evaluated count
+- Merge risk distribution (`LOW`, `MEDIUM`, `HIGH`, `CRITICAL`)
+- Trust score average/median/min/max
+- High-risk ratio (`HIGH` + `CRITICAL`)
+- Diff trend aggregates when `diff_context` exists (`scoreDelta`, new/resolved issues, status distribution)
+- Diagnostics for malformed/missing/invalid JSON artifacts
+
 ---
 
 ### `drift map [path]`
 
-Generate an `architecture.svg` map with inferred layer dependencies.
+Generate an `architecture.svg` map with inferred layer dependencies. When layer config is present, the SVG also highlights cycle edges and layer violations.
 
 ```bash
 drift map
@@ -162,6 +254,11 @@ drift map ./src --output docs/architecture.svg
 |------|-------------|
 | `--output <file>` | Output path for the SVG file (default: `architecture.svg`) |
 
+Edge legend in SVG:
+- Gray: normal dependency
+- Orange: cycle edge
+- Red: layer violation edge
+
 ---
 
 ### `drift report [path]`
@@ -270,6 +367,7 @@ Auto-fix safe issues with explicit preview/write modes.
 ```bash
 drift fix ./src --preview
 drift fix ./src --write
+drift fix ./src --write --yes
 drift fix ./src --dry-run   # alias of --preview
 ```
 
@@ -278,6 +376,52 @@ drift fix ./src --dry-run   # alias of --preview
 | `--preview` | Preview before/after without writing files |
 | `--write` | Apply fixes to disk |
 | `--dry-run` | Backward-compatible alias for preview mode |
+| `--yes` | Skip interactive confirmation for write mode |
+
+---
+
+### `drift cloud`
+
+Local multi-tenant foundations backed by `.drift-cloud/store.json`.
+
+```bash
+drift cloud ingest ./src --org acme --workspace core --user u-123 --role owner --plan sponsor --repo webapp
+drift cloud summary
+drift cloud summary --org acme --workspace core
+drift cloud summary --org acme --workspace core --actor u-owner
+drift cloud ingest ./src --org acme --workspace core --user u-member --actor u-owner
+drift cloud ingest ./src --org acme --workspace core --user u-member --actor u-member # strict actor mode ready
+drift cloud plan-set --org acme --plan team --actor u-owner --reason "annual upgrade"
+drift cloud plan-changes --org acme --actor u-owner
+drift cloud usage --org acme --actor u-owner
+drift cloud summary --json
+drift cloud dashboard --output drift-cloud-dashboard.html
+```
+
+**Subcommands:**
+
+| Command | Description |
+|---------|-------------|
+| `drift cloud ingest [path] --org <id> --workspace <id> --user <id> [--role <owner\|member\|viewer>] [--plan <free\|sponsor\|team\|business>] [--repo <name>] [--actor <user>] [--store <file>]` | Scans the path and stores one tenant-scoped snapshot (`--actor` optional by default, required only when `saas.strictActorEnforcement=true`) |
+| `drift cloud summary [--json] [--org <id>] [--workspace <id>] [--actor <user>] [--store <file>]` | Shows users/workspaces/repos usage and runs per month; in strict mode, scoped reads (`--org`/`--workspace`) require `--actor` |
+| `drift cloud plan-set --org <id> --plan <free\|sponsor\|team\|business> --actor <user> [--reason <text>] [--store <file>]` | Updates organization plan and writes an audited plan-change event (owner-gated by actor) |
+| `drift cloud plan-changes --org <id> --actor <user> [--json] [--store <file>]` | Lists audited plan lifecycle events for the organization |
+| `drift cloud usage --org <id> --actor <user> [--month <yyyy-mm>] [--json] [--store <file>]` | Shows organization usage plus effective limits for current plan |
+| `drift cloud dashboard [--output <file>] [--store <file>]` | Generates an HTML dashboard with trends and hotspots |
+
+`drift cloud` ships with tenant identity boundaries (`organizationId` + `workspaceId`), role primitives (`owner`/`member`/`viewer`), and plan placeholders (`free`/`sponsor`/`team`/`business`). It is an infrastructure foundation, not a full auth/billing platform.
+
+By default, local guardrails enforce one plan-based limit: max workspaces per organization (`free:20`, `sponsor:50`, `team:200`, `business:1000`), plus existing free-phase limits (runs per workspace, repos per workspace, retention window).
+
+To require actor identity on scoped cloud operations, enable strict actor mode in `drift.config.*`:
+
+```ts
+export default {
+  saas: {
+    strictActorEnforcement: true,
+  },
+}
+```
 
 ---
 
@@ -339,11 +483,27 @@ import type { DriftConfig } from '@eduardbar/drift'
 
 export default {
   plugins: ['drift-plugin-example'],
+  performance: {
+    lowMemory: true,
+    chunkSize: 40,
+    maxFiles: 8000,
+    maxFileSizeKb: 1024,
+    includeSemanticDuplication: false,
+  },
   architectureRules: {
     controllerNoDb: true,
     serviceNoHttp: true,
     maxFunctionLines: 80,
   },
+  trustGate: {
+    minTrust: 45,
+    maxRisk: 'HIGH',
+    presets: [
+      { branch: 'main', minTrust: 70, maxRisk: 'MEDIUM' },
+      { branch: 'release/*', minTrust: 80, maxRisk: 'LOW' },
+      { branch: 'legacy/*', enabled: false },
+    ],
+  },
   layers: [
     { name: 'domain',  patterns: ['src/domain/**'],  canImportFrom: [] },
     { name: 'app',     patterns: ['src/app/**'],     canImportFrom: ['domain'] },
@@ -366,6 +526,20 @@ export default {
 
 Without a config file, `layer-violation` and `cross-boundary-import` are silently skipped. All other rules run with their defaults.
 
+### Memory guardrails (recommended for large repos)
+
+If your repository is large or your machine has limited RAM, start with:
+
+```bash
+drift scan . --low-memory --max-file-size-kb 1024 --max-files 8000
+```
+
+Practical tuning:
+- Lower `--chunk-size` to reduce peak memory further (slower but safer).
+- Keep `includeSemanticDuplication: false` in low-memory mode for the lowest memory footprint.
+- Set `maxFileSizeKb` to skip generated/vendor files that can explode AST memory usage.
+- Set `maxFiles` to protect CI runners from worst-case monorepo scans.
+
 ---
 
 ## CI Integration
@@ -412,6 +586,20 @@ jobs:
 
 `drift ci` emits `::error` and `::warning` annotations that appear inline in the PR diff and writes a formatted summary to `$GITHUB_STEP_SUMMARY`. Use this when you want visibility beyond a pass/fail exit code.
 
+### Auto PR comment with `drift review`
+
+The repository includes `.github/workflows/review-pr.yml`, which:
+- generates a PR-ready markdown comment with `drift trust --markdown` first and `drift review --comment` as supplementary context
+- updates a single sticky comment (`<!-- drift-review -->`) on non-fork PRs
+- falls back to `$GITHUB_STEP_SUMMARY` for fork PRs
+- enforces a trust baseline gate with `drift trust-gate drift-trust.json --min-trust 45 --max-risk HIGH`
+- uploads `drift trust --json` as `drift-trust-json-pr-<PR_NUMBER>-run-<RUN_ATTEMPT>` for manual KPI tracking
+- publishes a compact trust KPI summary in `$GITHUB_STEP_SUMMARY` (score, merge risk, new/resolved issues when diff context is available)
+
+Default gate behavior in this repo:
+- fail when trust is below 45
+- fail when merge risk is above `HIGH` (that means `CRITICAL` is blocked)
+
 ---
 
 ## drift-ignore

package/ROADMAP.md

@@ -21,19 +21,20 @@ drift's goal is to be the tool that sits between ESLint and SonarQube — lightw
 **What drift is not:**
 - Not an ESLint replacement for style or correctness rules
 - Not a SonarQube replacement for security scanning
-- Not a cloud product, not a SaaS, not freemium
+- Not a cloud-only product or mandatory hosted backend
 
 **What drift is:**
 - A zero-config static analysis CLI that scores your TypeScript project's structural health
-- A CI gate that blocks debt from accumulating silently
+- An AI code audit CLI that helps teams decide merge trust on AI-assisted PRs
+- A CI gate that blocks risky merges using trust thresholds
 - A shared language for teams to talk about code quality: "our drift score went from 40 to 18 this sprint"
-- Always free. MIT. No tiers.
+- Core CLI is free and MIT; premium governance/sponsor tiers are a product direction for teams
 
 ---
 
 ## Principles that don't change
 
-- **Always free for the developer.** MIT. Forever. No paid tier, no cloud lock-in.
+- **Core stays free for developers.** MIT for the OSS CLI, no backend lock-in for the core workflow.
 - **Zero config to start.** One command, one number. Config is optional and additive.
 - **Fast.** Results in under 3 seconds on any normal project.
 - **One actionable number, not 400 warnings nobody reads.**
@@ -153,7 +154,7 @@ A score of 45 means nothing without context. A score that went from 80 to 45 ove
 
 - **26 rules active** across 9 detection categories
 - **Self-scan score: 14/100 (LOW)**
-- Published on npm as `@eduardbar/drift` — MIT, always free
+- Published on npm as `@eduardbar/drift` — MIT core CLI, optional premium direction documented in PRD
 - Cross-platform: Windows / Linux / macOS via `npx`
 
 ---

package/dist/analyzer.d.ts

@@ -1,4 +1,4 @@
-import type { DriftIssue, FileReport, DriftConfig, LoadedPlugin } from './types.js';
+import type { DriftIssue, FileReport, DriftConfig, DriftAnalysisOptions, LoadedPlugin } from './types.js';
 export { TrendAnalyzer } from './git/trend.js';
 export { BlameAnalyzer } from './git/blame.js';
 export declare const RULE_WEIGHTS: Record<string, {
@@ -10,5 +10,5 @@ export declare function analyzeFile(file: import('ts-morph').SourceFile, options
     loadedPlugins?: LoadedPlugin[];
     projectRoot?: string;
 }): FileReport;
-export declare function analyzeProject(targetPath: string, config?: DriftConfig): FileReport[];
+export declare function analyzeProject(targetPath: string, config?: DriftConfig, options?: DriftAnalysisOptions): FileReport[];
 //# sourceMappingURL=analyzer.d.ts.map