@eduardbar/drift 1.4.0 → 1.5.0

package/.github/actions/drift-review/README.md

@@ -4,6 +4,8 @@ Composite action for PR workflows that wraps `drift trust`, optional `drift revi
 
 The action runs drift via `npm exec` with an isolated prefix under `$RUNNER_TEMP/drift-cli` to avoid local bin resolution conflicts when workflows execute inside the `@eduardbar/drift` repository.
 
+If the requested `version` is not published on npm yet (for example, release-prep PRs), the action falls back to the local repository CLI (`npx --no-install tsx ./src/cli.ts`) so PR checks can still run.
+
 ## Why this action exists
 
 The repository workflow (`.github/workflows/review-pr.yml`) uses trust as the merge gate and review markdown as complementary context. This action packages that flow as a reusable contract:
@@ -22,7 +24,7 @@ The repository workflow (`.github/workflows/review-pr.yml`) uses trust as the me
   with:
     path: .
     base-ref: origin/${{ github.base_ref }}
-    version: 1.3.0
+    version: 1.5.0
     min-trust: 40
     max-risk: HIGH
     fail-on-gate: true
@@ -35,7 +37,7 @@ The repository workflow (`.github/workflows/review-pr.yml`) uses trust as the me
 |-------|-------------|---------|
 | `path` | Path to analyze | `.` |
 | `base-ref` | Base git ref for diff-aware trust/review | `origin/main` |
-| `version` | drift version for `npm exec` execution | `1.3.0` |
+| `version` | drift version for `npm exec` execution | `1.5.0` |
 | `min-trust` | Failing threshold for trust score | `45` |
 | `max-risk` | Failing threshold for merge risk | `HIGH` |
 | `fail-on-gate` | Enforce trust gate failure | `true` |

package/.github/actions/drift-review/action.yml

@@ -18,7 +18,7 @@ inputs:
   version:
     description: 'Version of @eduardbar/drift to use'
     required: false
-    default: '1.3.0'
+    default: '1.5.0'
   min-trust:
     description: 'Fail gate if trust score is below this threshold'
     required: false
@@ -80,8 +80,15 @@ runs:
         set -euo pipefail
         EXEC_PREFIX="$RUNNER_TEMP/drift-cli"
         mkdir -p "$EXEC_PREFIX"
-        npm exec --yes --prefix "$EXEC_PREFIX" --package=@eduardbar/drift@${{ inputs.version }} -- drift --version
-        npm exec --yes --prefix "$EXEC_PREFIX" --package=@eduardbar/drift@${{ inputs.version }} -- drift trust "${{ inputs.path }}" --base "${{ inputs.base-ref }}" --markdown --json-output "${{ steps.files.outputs.trust_json }}" > "${{ steps.files.outputs.trust_md }}"
+        VERSION="${{ inputs.version }}"
+        if npm view "@eduardbar/drift@$VERSION" version >/dev/null 2>&1; then
+          npm exec --yes --prefix "$EXEC_PREFIX" --package="@eduardbar/drift@$VERSION" -- drift --version
+          npm exec --yes --prefix "$EXEC_PREFIX" --package="@eduardbar/drift@$VERSION" -- drift trust "${{ inputs.path }}" --base "${{ inputs.base-ref }}" --markdown --json-output "${{ steps.files.outputs.trust_json }}" > "${{ steps.files.outputs.trust_md }}"
+        else
+          echo "::notice::@eduardbar/drift@$VERSION is not published yet; using local CLI fallback"
+          npx --no-install tsx ./src/cli.ts --version
+          npx --no-install tsx ./src/cli.ts trust "${{ inputs.path }}" --base "${{ inputs.base-ref }}" --markdown --json-output "${{ steps.files.outputs.trust_json }}" > "${{ steps.files.outputs.trust_md }}"
+        fi
 
     - name: Generate review markdown
       if: inputs.include-review == 'true'
@@ -90,7 +97,12 @@ runs:
         set -euo pipefail
         EXEC_PREFIX="$RUNNER_TEMP/drift-cli"
         mkdir -p "$EXEC_PREFIX"
-        npm exec --yes --prefix "$EXEC_PREFIX" --package=@eduardbar/drift@${{ inputs.version }} -- drift review --base "${{ inputs.base-ref }}" --comment > "${{ steps.files.outputs.review_md }}"
+        VERSION="${{ inputs.version }}"
+        if npm view "@eduardbar/drift@$VERSION" version >/dev/null 2>&1; then
+          npm exec --yes --prefix "$EXEC_PREFIX" --package="@eduardbar/drift@$VERSION" -- drift review --base "${{ inputs.base-ref }}" --comment > "${{ steps.files.outputs.review_md }}"
+        else
+          npx --no-install tsx ./src/cli.ts review --base "${{ inputs.base-ref }}" --comment > "${{ steps.files.outputs.review_md }}"
+        fi
 
     - name: Extract trust outputs
       id: extract
@@ -128,4 +140,9 @@ runs:
         set -euo pipefail
         EXEC_PREFIX="$RUNNER_TEMP/drift-cli"
         mkdir -p "$EXEC_PREFIX"
-        npm exec --yes --prefix "$EXEC_PREFIX" --package=@eduardbar/drift@${{ inputs.version }} -- drift trust-gate "${{ steps.files.outputs.trust_json }}" --min-trust "${{ inputs.min-trust }}" --max-risk "${{ inputs.max-risk }}"
+        VERSION="${{ inputs.version }}"
+        if npm view "@eduardbar/drift@$VERSION" version >/dev/null 2>&1; then
+          npm exec --yes --prefix "$EXEC_PREFIX" --package="@eduardbar/drift@$VERSION" -- drift trust-gate "${{ steps.files.outputs.trust_json }}" --min-trust "${{ inputs.min-trust }}" --max-risk "${{ inputs.max-risk }}"
+        else
+          npx --no-install tsx ./src/cli.ts trust-gate "${{ steps.files.outputs.trust_json }}" --min-trust "${{ inputs.min-trust }}" --max-risk "${{ inputs.max-risk }}"
+        fi

package/.github/actions/drift-scan/README.md

@@ -6,7 +6,7 @@ Composite action to run `drift scan` in CI without global installs.
 
 - Runtime strategy: `npm exec --yes --prefix "$RUNNER_TEMP/drift-cli" --package=@eduardbar/drift@<version> -- drift ...` (no `npm install -g`)
 - Uses isolated `--prefix` under `$RUNNER_TEMP` to avoid bin resolution conflicts in self-hosting repository workflows
-- Default drift version is pinned (`1.3.0`) for deterministic runs
+- Default drift version is pinned (`1.5.0`) for deterministic runs
 - Uses `drift scan --json` and extracts typed outputs
 - Critical command/parse failures are not silenced (step fails immediately)
 
@@ -20,7 +20,7 @@ Composite action to run `drift scan` in CI without global installs.
     path: ./src
     min-score: 60
     fail-on-threshold: true
-    version: 1.3.0
+    version: 1.5.0
 ```
 
 ## Inputs
@@ -30,7 +30,7 @@ Composite action to run `drift scan` in CI without global installs.
 | `path` | Path to scan | `.` |
 | `min-score` | Fail if score exceeds this | `80` |
 | `fail-on-threshold` | Whether to fail on threshold | `true` |
-| `version` | drift version for `npm exec` execution | `1.3.0` |
+| `version` | drift version for `npm exec` execution | `1.5.0` |
 
 ## Outputs
 

package/.github/actions/drift-scan/action.yml

@@ -22,7 +22,7 @@ inputs:
   version:
     description: 'Version of @eduardbar/drift to use'
     required: false
-    default: '1.3.0'
+    default: '1.5.0'
 
 outputs:
   score:

package/.github/workflows/publish-vscode.yml

@@ -3,8 +3,6 @@ name: Publish VS Code Extension
 on:
   release:
     types: [published]
-    tags:
-      - 'vscode-v*'
   workflow_dispatch:
     inputs:
       version:
@@ -17,6 +15,7 @@ permissions:
 
 jobs:
   publish:
+    if: ${{ github.event_name == 'workflow_dispatch' || startsWith(github.ref, 'refs/tags/vscode-v') }}
     runs-on: ubuntu-latest
     defaults:
       run:
@@ -36,7 +35,6 @@ jobs:
           cache-dependency-path: packages/vscode-drift/package-lock.json
 
       - name: Verify version matches tag
-        if: github.event_name == 'release'
         run: |
           if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
             TAG_VERSION="${{ inputs.version }}"

package/.github/workflows/publish.yml

@@ -14,7 +14,15 @@ permissions:
   contents: read
 
 jobs:
+  release-verify:
+    name: Release Verify
+    uses: ./.github/workflows/reusable-quality-checks.yml
+    with:
+      ref: ${{ github.event_name == 'workflow_dispatch' && format('refs/tags/v{0}', inputs.tag) || github.ref }}
+      coverage_artifact_prefix: release-coverage
+
   publish:
+    needs: release-verify
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

package/.github/workflows/quality.yml

@@ -0,0 +1,15 @@
+name: Quality Gate
+
+on:
+  pull_request:
+  push:
+    branches: [main, master]
+
+permissions:
+  contents: read
+
+jobs:
+  quality:
+    uses: ./.github/workflows/reusable-quality-checks.yml
+    with:
+      node_versions: '["20", "22"]'

package/.github/workflows/reusable-quality-checks.yml

@@ -0,0 +1,95 @@
+name: Reusable Quality Checks
+
+on:
+  workflow_call:
+    inputs:
+      ref:
+        description: Git ref to checkout before running checks
+        required: false
+        type: string
+        default: ''
+      node_versions:
+        description: JSON array of Node.js versions for matrix execution
+        required: false
+        type: string
+        default: '["20", "22"]'
+      coverage_artifact_prefix:
+        description: Prefix used for uploaded coverage artifacts
+        required: false
+        type: string
+        default: coverage
+
+permissions:
+  contents: read
+
+jobs:
+  quality:
+    name: Quality (Node ${{ matrix.node }})
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        node: ${{ fromJson(inputs.node_versions) }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ inputs.ref != '' && inputs.ref || github.ref }}
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: ${{ matrix.node }}
+          cache: npm
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Validate runtime policy contract
+        run: npm run check:runtime-policy
+
+      - name: Validate docs/source-of-truth drift contract
+        run: npm run check:docs-drift
+
+      - name: Run tests
+        run: npm test
+
+      - name: Run coverage
+        run: npm run test:coverage -- --testTimeout=45000
+
+      - name: Build
+        run: npm run build
+
+      - name: Run CLI smoke E2E
+        run: npm run smoke:repo -- --base HEAD --out .drift-smoke/ci-node-${{ matrix.node }}
+
+      - name: Run performance regression gate
+        if: matrix.node == '20'
+        run: npm run check:perf-budget -- --out .drift-perf/ci-node-${{ matrix.node }}/benchmark-latest.json
+
+      - name: Upload coverage artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ inputs.coverage_artifact_prefix }}-node-${{ matrix.node }}-run-${{ github.run_id }}-${{ github.run_attempt }}
+          path: coverage/
+          if-no-files-found: error
+          retention-days: 14
+
+      - name: Upload smoke E2E artifacts
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: smoke-e2e-node-${{ matrix.node }}-run-${{ github.run_id }}-${{ github.run_attempt }}
+          path: .drift-smoke/ci-node-${{ matrix.node }}/
+          if-no-files-found: warn
+          retention-days: 14
+
+      - name: Upload perf gate artifacts
+        if: always() && matrix.node == '20'
+        uses: actions/upload-artifact@v4
+        with:
+          name: perf-gate-node-${{ matrix.node }}-run-${{ github.run_id }}-${{ github.run_attempt }}
+          path: .drift-perf/ci-node-${{ matrix.node }}/
+          if-no-files-found: warn
+          retention-days: 14

package/.github/workflows/review-pr.yml

@@ -33,7 +33,6 @@ jobs:
         with:
           path: .
           base-ref: origin/${{ github.base_ref }}
-          version: 1.3.0
           min-trust: 45
           max-risk: HIGH
           fail-on-gate: true

package/AGENTS.md

@@ -6,7 +6,7 @@
 
 - Publicado en npm como `@eduardbar/drift`
 - Licencia MIT
-- Versión del paquete: `1.3.0` (`package.json`)
+- Versión del paquete: `1.5.0` (`package.json`)
 
 ---
 
@@ -20,7 +20,7 @@
 | `typescript ^5.9` | compilación |
 | `vitest ^4` | testing |
 
-Runtime: Node.js 18+, ES Modules (`"type": "module"`).
+Runtime: Node.js 20.x and 22.x (LTS), ES Modules (`"type": "module"`).
 
 ---
 

package/CHANGELOG.md

@@ -18,7 +18,20 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 
 ## [Unreleased]
 
-- No unreleased changes yet.
+---
+
+## [1.5.0] - 2026-03-26
+
+### Changed
+
+- CI drift version policy now uses `package.json` as source of truth, aligns action defaults/docs to `1.5.0`, and adds a test guard that fails if action/workflow references drift semver values that diverge.
+- Reusable quality checks now include a required CLI smoke E2E gate (`npm run smoke:repo`) for merge/release verification and upload smoke artifacts (`.drift-smoke/...`) for CI failure triage.
+- Runtime support policy is now enforced as Node.js `20.x` and `22.x` (LTS): `package.json` now declares `engines.node`, CI matrix moved to `20/22`, and docs/doctor output were aligned to avoid advertising unsupported Node versions.
+- Added runtime policy gate (`npm run check:runtime-policy`) in required CI checks to fail fast when `engines.node`, workflow matrix, README runtime line, or lockfile dependency constraints diverge.
+- Tradeoff: dropped Node 18 from required support because `commander@14` (runtime dependency) requires Node `>=20`; preserving `18/20/22` would create false support claims and non-deterministic install/runtime behavior.
+- `drift doctor --json` and `drift guard --json` now emit schema metadata (`$schema`, `toolVersion`) and are covered by v1 schema contract tests (`schemas/drift-doctor.v1.json`, `schemas/drift-guard.v1.json`).
+- Added performance regression gate (`npm run check:perf-budget`) with versioned budgets in `benchmarks/perf-budget.v1.json`, benchmark memory/runtime contract checks, and CI artifact upload under `.drift-perf/` (gated on Node 20 to reduce matrix flakiness).
+- Stabilized local/CI test reliability by setting global Vitest default timeouts (15s) and tuning the scan runtime perf budget threshold for lower false-positive noise.
 
 ---
 

package/README.md

@@ -91,7 +91,9 @@ drift doctor --json
 |------|-------------|
 | `--json` | Output structured doctor report JSON |
 
-Checks include Node major version support (`>=18`), `package.json`, ESM mode, `tsconfig.json`, source file count, optional `--low-memory` recommendation, and `drift.config.*` detection.
+Checks include Node major version support (`>=20`), `package.json`, ESM mode, `tsconfig.json`, source file count, optional `--low-memory` recommendation, and `drift.config.*` detection.
+
+When `--json` is enabled, output includes `$schema` and `toolVersion` metadata and follows [`schemas/drift-doctor.v1.json`](./schemas/drift-doctor.v1.json).
 
 ---
 
@@ -190,6 +192,8 @@ Behavior:
 - Without `--base`, guard requires a baseline (inline or file) and compares only against available baseline anchors.
 - Exit code is `1` when any guard check fails.
 
+When `--json` is enabled, output includes `$schema` and `toolVersion` metadata and follows [`schemas/drift-guard.v1.json`](./schemas/drift-guard.v1.json).
+
 ---
 
 ### `drift diff [ref]`
@@ -255,7 +259,7 @@ drift trust ./src --markdown --output trust.md
 drift trust ./src --min-trust 45
 drift trust ./src --max-risk HIGH
 drift trust ./src --branch main
-drift trust ./src --branch release/v1.4.0 --policy-pack strict --explain-policy
+drift trust ./src --branch release/v1.5.0 --policy-pack strict --explain-policy
 drift trust ./src --advanced-trust
 drift trust ./src --advanced-trust --previous-trust ./artifacts/prev-trust.json
 drift trust ./src --advanced-trust --history-file ./drift-history.json --markdown
@@ -659,6 +663,29 @@ jobs:
 
 `drift ci` emits `::error` and `::warning` annotations that appear inline in the PR diff and writes a formatted summary to `$GITHUB_STEP_SUMMARY`. Use this when you want visibility beyond a pass/fail exit code.
 
+### Required quality checks for merge and release
+
+This repository enforces `.github/workflows/quality.yml` on `pull_request` and `push` to `main`/`master`.
+
+The workflow runs a required Node.js matrix (`20`, `22`) and executes these checks in each matrix job:
+- `npm ci`
+- `npm run check:runtime-policy`
+- `npm run check:docs-drift`
+- `npm test`
+- `npm run test:coverage`
+- `npm run build`
+- `npm run smoke:repo -- --base HEAD --out .drift-smoke/ci-node-<node>`
+
+Additionally, Node 20 runs a deterministic performance regression gate:
+- `npm run check:perf-budget -- --out .drift-perf/ci-node-20/benchmark-latest.json`
+- Budget source of truth: [`benchmarks/perf-budget.v1.json`](./benchmarks/perf-budget.v1.json)
+
+`check:docs-drift` enforces documentation source-of-truth contracts: package version claims come from `package.json` and rule catalog/count claims come from `RULE_WEIGHTS` in `src/analyzer.ts`.
+
+Coverage artifacts and smoke E2E artifacts are uploaded from each matrix run to support traceability and CI debugging. The perf gate also uploads `.drift-perf/...` artifacts on Node 20.
+
+`publish.yml` now runs `release-verify` before publish, reusing the same quality workflow contract. `publish` only runs after `release-verify` passes.
+
 ### Auto PR comment with `drift review`
 
 The repository includes `.github/workflows/review-pr.yml`, which:
@@ -780,7 +807,7 @@ See [CODE_OF_CONDUCT.md](./CODE_OF_CONDUCT.md) before participating.
 | [`commander`](https://github.com/tj/commander.js) | CLI commands and flags |
 | [`kleur`](https://github.com/lukeed/kleur) | Terminal colors (zero dependencies) |
 
-**Runtime:** Node.js 18+ · TypeScript 5.x · ES Modules · Supports TypeScript (`.ts`, `.tsx`) and JavaScript (`.js`, `.jsx`) files
+**Runtime:** Node.js 20.x and 22.x (LTS) · TypeScript 5.x · ES Modules · Supports TypeScript (`.ts`, `.tsx`) and JavaScript (`.js`, `.jsx`) files
 
 ---
 

package/benchmarks/fixtures/critical/drift.config.ts

@@ -0,0 +1,21 @@
+const config = {
+  layers: [
+    { name: 'domain', patterns: ['src/domain/**'], canImportFrom: [] },
+    { name: 'app', patterns: ['src/app/**'], canImportFrom: ['domain'] },
+    { name: 'infra', patterns: ['src/infra/**'], canImportFrom: ['domain', 'app'] },
+  ],
+  architectureRules: {
+    controllerNoDb: true,
+    serviceNoHttp: true,
+    maxFunctionLines: 80,
+  },
+  performance: {
+    lowMemory: false,
+    chunkSize: 40,
+    maxFiles: 200,
+    maxFileSizeKb: 512,
+    includeSemanticDuplication: false,
+  },
+}
+
+export default config

package/benchmarks/fixtures/critical/src/app/user-service.ts

@@ -0,0 +1,30 @@
+import { canAccessBilling, normalizeEmail, type User } from '../domain/entities.js'
+
+export interface UserRepository {
+  findByEmail(email: string): Promise<User | undefined>
+  save(user: User): Promise<void>
+}
+
+export class UserService {
+  constructor(private readonly repo: UserRepository) {}
+
+  async ensureUser(email: string): Promise<User> {
+    const normalizedEmail = normalizeEmail(email)
+    const existing = await this.repo.findByEmail(normalizedEmail)
+    if (existing) return existing
+
+    const created: User = {
+      id: `u-${normalizedEmail}`,
+      email: normalizedEmail,
+      active: true,
+    }
+
+    await this.repo.save(created)
+    return created
+  }
+
+  async canAccessFeature(email: string): Promise<boolean> {
+    const user = await this.ensureUser(email)
+    return canAccessBilling(user)
+  }
+}

package/benchmarks/fixtures/critical/src/domain/entities.ts

@@ -0,0 +1,19 @@
+export type UserId = string
+
+export interface User {
+  id: UserId
+  email: string
+  active: boolean
+}
+
+export function normalizeEmail(email: string): string {
+  return email.trim().toLowerCase()
+}
+
+export function isCompanyEmail(email: string): boolean {
+  return normalizeEmail(email).endsWith('@example.com')
+}
+
+export function canAccessBilling(user: User): boolean {
+  return user.active && isCompanyEmail(user.email)
+}

package/benchmarks/fixtures/critical/src/domain/policies.ts

@@ -0,0 +1,22 @@
+export interface AccessPolicyInput {
+  score: number
+  isInternal: boolean
+  isTrial: boolean
+  hasPaymentIssue: boolean
+}
+
+export function computeTrustTier(input: AccessPolicyInput): 'low' | 'medium' | 'high' {
+  if (input.hasPaymentIssue) return 'low'
+  if (input.score >= 80 && input.isInternal) return 'high'
+  if (input.score >= 60 && !input.isTrial) return 'medium'
+  return 'low'
+}
+
+export function canRunExpensiveChecks(input: AccessPolicyInput): boolean {
+  const tier = computeTrustTier(input)
+  return tier === 'high' || (tier === 'medium' && input.score >= 70)
+}
+
+export function shouldNotifyOps(input: AccessPolicyInput): boolean {
+  return input.hasPaymentIssue || (!input.isInternal && input.score < 45)
+}

package/benchmarks/fixtures/critical/src/index.ts

@@ -0,0 +1,10 @@
+import { UserService } from './app/user-service.js'
+import { MemoryUserRepository } from './infra/memory-user-repo.js'
+
+const service = new UserService(new MemoryUserRepository())
+
+export async function runFixtureFlow(): Promise<boolean> {
+  return service.canAccessFeature('Demo.User@example.com')
+}
+
+void runFixtureFlow()

package/benchmarks/fixtures/critical/src/infra/memory-user-repo.ts

@@ -0,0 +1,14 @@
+import type { User } from '../domain/entities.js'
+import type { UserRepository } from '../app/user-service.js'
+
+export class MemoryUserRepository implements UserRepository {
+  private readonly users = new Map<string, User>()
+
+  async findByEmail(email: string): Promise<User | undefined> {
+    return this.users.get(email)
+  }
+
+  async save(user: User): Promise<void> {
+    this.users.set(user.email, user)
+  }
+}

package/benchmarks/perf-budget.v1.json

@@ -0,0 +1,27 @@
+{
+  "schemaVersion": "drift-perf-budget/v1",
+  "budgetVersion": "2026-03-26",
+  "benchmark": {
+    "fixturePath": "benchmarks/fixtures/critical",
+    "warmupRuns": 1,
+    "measuredRuns": 3
+  },
+  "tolerance": {
+    "runtimePct": 30,
+    "memoryPct": 25
+  },
+  "tasks": {
+    "scan": {
+      "maxMedianMs": 3800,
+      "maxRssMb": 700
+    },
+    "review": {
+      "maxMedianMs": 6500,
+      "maxRssMb": 1300
+    },
+    "trust": {
+      "maxMedianMs": 6500,
+      "maxRssMb": 1300
+    }
+  }
+}

package/dist/benchmark.js

@@ -86,26 +86,38 @@ function median(values) {
 function formatMs(ms) {
     return ms.toFixed(2);
 }
+function bytesToMb(bytes) {
+    return bytes / (1024 * 1024);
+}
 async function runTask(name, warmupRuns, measuredRuns, task) {
     for (let i = 0; i < warmupRuns; i += 1) {
         await task();
     }
     const samplesMs = [];
+    const samplesRssMb = [];
     for (let i = 0; i < measuredRuns; i += 1) {
+        const rssBefore = process.memoryUsage().rss;
         const started = performance.now();
         await task();
         samplesMs.push(performance.now() - started);
+        const rssAfter = process.memoryUsage().rss;
+        samplesRssMb.push(bytesToMb(Math.max(rssBefore, rssAfter)));
     }
     const total = samplesMs.reduce((sum, sample) => sum + sample, 0);
+    const totalRss = samplesRssMb.reduce((sum, sample) => sum + sample, 0);
     return {
         name,
         warmupRuns,
         measuredRuns,
         samplesMs,
+        samplesRssMb,
         medianMs: median(samplesMs),
         meanMs: total / samplesMs.length,
         minMs: Math.min(...samplesMs),
         maxMs: Math.max(...samplesMs),
+        medianRssMb: median(samplesRssMb),
+        meanRssMb: totalRss / samplesRssMb.length,
+        maxRssMb: Math.max(...samplesRssMb),
     };
 }
 function printTable(results) {

package/dist/cli.js

@@ -14,7 +14,7 @@ import { printConsole, printDiff } from './printer.js';
 import { loadConfig } from './config.js';
 import { extractFilesAtRef, cleanupTempDir } from './git.js';
 import { computeDiff } from './diff.js';
-import { runGuard } from './guard.js';
+import { formatGuardJson, runGuard } from './guard.js';
 import { generateHtmlReport } from './report.js';
 import { generateBadge } from './badge.js';
 import { emitCIAnnotations, printCISummary } from './ci.js';
@@ -323,7 +323,7 @@ addResourceOptions(program
             analysis: resolveAnalysisOptions(options),
         });
         if (options.json) {
-            process.stdout.write(JSON.stringify(result, null, 2) + '\n');
+            process.stdout.write(`${formatGuardJson(result)}\n`);
         }
         else {
             printGuardSummary(result);

package/dist/doctor.d.ts

@@ -1,5 +1,26 @@
+import type { DriftOutputMetadata } from './types.js';
 export interface DoctorOptions {
     json?: boolean;
 }
+interface DoctorReport {
+    targetPath: string;
+    node: {
+        version: string;
+        major: number;
+        supported: boolean;
+    };
+    project: {
+        packageJsonFound: boolean;
+        esm: boolean;
+        tsconfigFound: boolean;
+        sourceFilesCount: number;
+        lowMemorySuggested: boolean;
+        driftConfigFile: string | null;
+    };
+}
+export type DoctorReportJson = DoctorReport & DriftOutputMetadata;
+export declare function formatDoctorJsonObject(report: DoctorReport): DoctorReportJson;
+export declare function formatDoctorJson(report: DoctorReport): string;
 export declare function runDoctor(projectPath: string, options?: DoctorOptions): Promise<number>;
+export {};
 //# sourceMappingURL=doctor.d.ts.map