@vibedrift/cli 0.2.0 → 0.3.1

package/dist/index.js

@@ -1199,6 +1199,95 @@ var init_confidence = __esm({
   }
 });
 
+// src/ml-client/project-name.ts
+var project_name_exports = {};
+__export(project_name_exports, {
+  detectProjectIdentity: () => detectProjectIdentity
+});
+import { basename, join as join6 } from "path";
+import { readFile as readFile5 } from "fs/promises";
+import { createHash as createHash2 } from "crypto";
+async function detectProjectIdentity(rootDir, override) {
+  const hash = createHash2("sha256").update(rootDir).digest("hex");
+  if (override && override.trim()) {
+    return { name: override.trim(), hash };
+  }
+  const fromPackageJson = await readJsonField(
+    join6(rootDir, "package.json"),
+    "name"
+  );
+  if (fromPackageJson) return { name: fromPackageJson, hash };
+  const fromCargo = await readTomlFieldInSection(
+    join6(rootDir, "Cargo.toml"),
+    "package",
+    "name"
+  );
+  if (fromCargo) return { name: fromCargo, hash };
+  const fromGoMod = await readGoModule(join6(rootDir, "go.mod"));
+  if (fromGoMod) return { name: fromGoMod, hash };
+  const fromPyProject = await readTomlFieldInSection(
+    join6(rootDir, "pyproject.toml"),
+    "project",
+    "name"
+  ) ?? await readTomlFieldInSection(
+    join6(rootDir, "pyproject.toml"),
+    "tool.poetry",
+    "name"
+  );
+  if (fromPyProject) return { name: fromPyProject, hash };
+  return { name: basename(rootDir) || "untitled", hash };
+}
+async function readJsonField(path2, field) {
+  try {
+    const raw = await readFile5(path2, "utf-8");
+    const parsed = JSON.parse(raw);
+    const value = parsed[field];
+    if (typeof value === "string" && value.trim()) return value.trim();
+  } catch {
+  }
+  return null;
+}
+async function readTomlFieldInSection(path2, section, key) {
+  try {
+    const raw = await readFile5(path2, "utf-8");
+    const lines = raw.split("\n");
+    let inSection = false;
+    for (const line of lines) {
+      const trimmed = line.trim();
+      if (trimmed.startsWith("[") && trimmed.endsWith("]")) {
+        inSection = trimmed === `[${section}]`;
+        continue;
+      }
+      if (!inSection) continue;
+      const match = trimmed.match(/^([\w-]+)\s*=\s*"([^"]+)"/);
+      if (match && match[1] === key && match[2]) {
+        return match[2];
+      }
+    }
+  } catch {
+  }
+  return null;
+}
+async function readGoModule(path2) {
+  try {
+    const raw = await readFile5(path2, "utf-8");
+    const match = raw.match(/^\s*module\s+(\S+)/m);
+    if (match && match[1]) {
+      const segs = match[1].split("/");
+      const last = segs[segs.length - 1];
+      if (last) return last;
+    }
+  } catch {
+  }
+  return null;
+}
+var init_project_name = __esm({
+  "src/ml-client/project-name.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+
 // src/ml-client/index.ts
 var ml_client_exports = {};
 __export(ml_client_exports, {
@@ -1269,9 +1358,22 @@ async function runMlAnalysis(ctx, codeDnaResult, findings, options) {
     console.error(`[deep] Sending ${sampled.length} functions + ${deviations.length} deviations (${Math.round(payloadSize / 1024)}KB) to VibeDrift API...`);
     console.error(`[deep] No full files transmitted \u2014 only function snippets and structural metadata.`);
   }
+  const { detectProjectIdentity: detectProjectIdentity2 } = await Promise.resolve().then(() => (init_project_name(), project_name_exports));
+  const projectIdentity = await detectProjectIdentity2(
+    ctx.rootDir,
+    options.projectName
+  );
   const request = {
     language: ctx.dominantLanguage ?? "unknown",
     file_count: ctx.files.length,
+    project_hash: projectIdentity.hash,
+    project_name: projectIdentity.name,
+    score_hint: options.scoreHint,
+    grade_hint: options.gradeHint,
+    // Tell the server NOT to persist a row from the analyze call —
+    // the CLI logs the full scan summary via /v1/scans/log AFTER the
+    // pipeline finishes, which has accurate metadata.
+    defer_persist: true,
     functions: sampled,
     deviations,
     llm_validations: []
@@ -1283,6 +1385,9 @@ async function runMlAnalysis(ctx, codeDnaResult, findings, options) {
     );
   }
   const filtered = filterByConfidence(response);
+  if (response.scan_id) {
+    filtered.scanId = response.scan_id;
+  }
   if (response.deviations?.length > 0 && codeDnaResult?.deviationJustifications) {
     for (const mlDev of response.deviations) {
       const local = codeDnaResult.deviationJustifications.find(
@@ -1445,6 +1550,160 @@ var init_summarize = __esm({
   }
 });
 
+// src/ml-client/log-scan.ts
+var log_scan_exports = {};
+__export(log_scan_exports, {
+  logScan: () => logScan
+});
+async function logScan(opts) {
+  const { payload, token, apiUrl, verbose } = opts;
+  const base = apiUrl ?? DEFAULT_API_URL2;
+  const trimmed = { ...payload };
+  if (trimmed.report_html) {
+    const size = Buffer.byteLength(trimmed.report_html, "utf-8");
+    if (size > MAX_HTML_BYTES) {
+      if (verbose) {
+        console.error(
+          `[scan-log] HTML too large (${Math.round(size / 1024)}KB), dropping the blob`
+        );
+      }
+      delete trimmed.report_html;
+    }
+  }
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), TIMEOUT_MS3);
+  try {
+    const res = await fetch(`${base}/v1/scans/log`, {
+      method: "POST",
+      headers: {
+        Authorization: `Bearer ${token}`,
+        "Content-Type": "application/json"
+      },
+      body: JSON.stringify(trimmed),
+      signal: controller.signal
+    });
+    if (!res.ok) {
+      const text = await res.text().catch(() => "");
+      if (verbose) {
+        console.error(`[scan-log] HTTP ${res.status}: ${text.slice(0, 200)}`);
+      }
+      return { ok: false, error: `HTTP ${res.status}` };
+    }
+    const data = await res.json().catch(() => ({}));
+    if (verbose) {
+      console.error(
+        `[scan-log] Logged scan ${data.scan_id?.slice(0, 8) ?? "?"} (project ${data.project_id?.slice(0, 8) ?? "?"}, ${data.bytes_stored ?? 0} HTML bytes)`
+      );
+    }
+    return {
+      ok: true,
+      scanId: data.scan_id,
+      projectId: data.project_id,
+      bytesStored: data.bytes_stored
+    };
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    if (verbose) console.error(`[scan-log] Failed: ${msg}`);
+    return { ok: false, error: msg };
+  } finally {
+    clearTimeout(timer);
+  }
+}
+var DEFAULT_API_URL2, TIMEOUT_MS3, MAX_HTML_BYTES;
+var init_log_scan = __esm({
+  "src/ml-client/log-scan.ts"() {
+    "use strict";
+    init_esm_shims();
+    DEFAULT_API_URL2 = "https://vibedrift-api.fly.dev";
+    TIMEOUT_MS3 = 2e4;
+    MAX_HTML_BYTES = 15e5;
+  }
+});
+
+// src/ml-client/sanitize-result.ts
+var sanitize_result_exports = {};
+__export(sanitize_result_exports, {
+  sanitizeResultForUpload: () => sanitizeResultForUpload
+});
+function sanitizeResultForUpload(result) {
+  const ctx = result.context;
+  const rootDir = ctx?.rootDir ?? "";
+  const stripPath = (p) => {
+    if (!p) return null;
+    if (rootDir && p.startsWith(rootDir)) {
+      const rel = p.slice(rootDir.length).replace(/^\/+/, "");
+      return rel || ".";
+    }
+    return p;
+  };
+  const sanitizeNode = (node) => {
+    if (typeof node === "string") return stripPath(node) ?? node;
+    if (Array.isArray(node)) return node.map(sanitizeNode);
+    if (node && typeof node === "object") {
+      const out = {};
+      for (const [k, v] of Object.entries(node)) {
+        if (k === "rootDir") continue;
+        if (k === "files" && Array.isArray(v)) {
+          out[k] = v.map((f) => ({
+            relativePath: stripPath(f.relativePath) ?? f.relativePath,
+            lineCount: f.lineCount,
+            language: f.language
+          }));
+          continue;
+        }
+        if (k === "ast" || k === "treeSitterNode") continue;
+        out[k] = sanitizeNode(v);
+      }
+      return out;
+    }
+    if (node instanceof Map) {
+      const obj = {};
+      for (const [k, v] of node.entries()) {
+        const safeKey = typeof k === "string" ? stripPath(k) ?? k : String(k);
+        obj[safeKey] = sanitizeNode(v);
+      }
+      return obj;
+    }
+    if (node instanceof Set) {
+      return [...node].map(sanitizeNode);
+    }
+    return node;
+  };
+  const envelope = {
+    schema: "vibedrift-scan-result/v1",
+    project: {
+      // populated by the caller, since the CLI knows project_name + hash
+    },
+    language: {
+      dominant: ctx?.dominantLanguage ?? null,
+      breakdown: sanitizeNode(ctx?.languageBreakdown),
+      totalLines: ctx?.totalLines ?? 0
+    },
+    fileCount: (ctx?.files ?? []).length,
+    files: sanitizeNode(ctx?.files),
+    score: {
+      composite: result.compositeScore,
+      max: result.maxCompositeScore,
+      categories: sanitizeNode(result.scores)
+    },
+    findings: sanitizeNode(result.findings),
+    driftFindings: sanitizeNode(result.driftFindings),
+    driftScores: sanitizeNode(result.driftScores),
+    codeDnaResult: sanitizeNode(result.codeDnaResult),
+    perFileScores: sanitizeNode(result.perFileScores),
+    teaseMessages: result.teaseMessages,
+    aiSummary: result.aiSummary ?? null,
+    scanTimeMs: result.scanTimeMs
+  };
+  return envelope;
+}
+var init_sanitize_result = __esm({
+  "src/ml-client/sanitize-result.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+
 // src/output/csv.ts
 var csv_exports = {};
 __export(csv_exports, {
@@ -4917,10 +5176,10 @@ function extractSymbols(file) {
 function analyzeFileNaming(files) {
   const fileNameConventions = /* @__PURE__ */ new Map();
   for (const file of files) {
-    const basename = file.path.split("/").pop()?.replace(/\.[^.]+$/, "") ?? "";
-    if (basename.length <= 1) continue;
-    if (/(?:test|spec|config|setup|__)/i.test(basename)) continue;
-    const conv = classifyName(basename);
+    const basename2 = file.path.split("/").pop()?.replace(/\.[^.]+$/, "") ?? "";
+    if (basename2.length <= 1) continue;
+    if (/(?:test|spec|config|setup|__)/i.test(basename2)) continue;
+    const conv = classifyName(basename2);
     if (!conv) continue;
     if (!fileNameConventions.has(conv)) fileNameConventions.set(conv, []);
     fileNameConventions.get(conv).push(file.path);
@@ -7630,6 +7889,104 @@ function previewToken(token) {
   return token.slice(0, 12) + "\u2026";
 }
 
+// src/auth/api.ts
+init_esm_shims();
+var REQUEST_TIMEOUT_MS = 3e4;
+var VibeDriftApiError = class extends Error {
+  constructor(status, message) {
+    super(message);
+    this.status = status;
+    this.name = "VibeDriftApiError";
+  }
+  status;
+};
+async function jsonFetch(url, init = {}) {
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+  try {
+    const res = await fetch(url, {
+      ...init,
+      signal: controller.signal,
+      headers: {
+        Accept: "application/json",
+        ...init.body ? { "Content-Type": "application/json" } : {},
+        ...init.headers ?? {}
+      }
+    });
+    if (!res.ok) {
+      let detail = "";
+      try {
+        const body = await res.json();
+        detail = body.detail ?? body.message ?? "";
+      } catch {
+        try {
+          detail = await res.text();
+        } catch {
+        }
+      }
+      throw new VibeDriftApiError(res.status, detail || `HTTP ${res.status}`);
+    }
+    return await res.json();
+  } catch (err) {
+    if (err?.name === "AbortError") {
+      throw new VibeDriftApiError(0, `Request timed out after ${REQUEST_TIMEOUT_MS / 1e3}s`);
+    }
+    if (err instanceof VibeDriftApiError) throw err;
+    throw new VibeDriftApiError(0, err?.message ?? String(err));
+  } finally {
+    clearTimeout(timer);
+  }
+}
+async function startDeviceAuth(opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/auth/device`, {
+    method: "POST",
+    body: JSON.stringify({ client_id: "vibedrift-cli" })
+  });
+}
+async function pollDeviceAuth(deviceCode, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/auth/poll`, {
+    method: "POST",
+    body: JSON.stringify({ device_code: deviceCode })
+  });
+}
+async function validateToken(token, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/auth/validate`, {
+    method: "GET",
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+async function revokeToken(token, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  await jsonFetch(`${base}/auth/revoke`, {
+    method: "POST",
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+async function fetchUsage(token, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/account/usage`, {
+    method: "GET",
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+async function fetchCredits(token, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/account/credits`, {
+    method: "GET",
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+async function createPortalSession(token, opts) {
+  const base = await resolveApiUrl(opts?.apiUrl);
+  return jsonFetch(`${base}/account/portal`, {
+    method: "POST",
+    headers: { Authorization: `Bearer ${token}` }
+  });
+}
+
 // src/cli/commands/scan.ts
 async function runScan(targetPath, options) {
   const rootDir = resolve(targetPath);
@@ -7651,13 +8008,43 @@ async function runScan(targetPath, options) {
       console.error("");
       console.error(chalk2.red("  \u2717 Deep scans require a VibeDrift account."));
       console.error("");
-      console.error("    Run " + chalk2.bold("vibedrift login") + " to sign in.");
+      console.error(chalk2.bgYellow.black.bold("    \u{1F381}  But your first deep scan is FREE.    "));
+      console.error("");
+      console.error("    Run " + chalk2.bold("vibedrift login") + " to sign in and claim it.");
       console.error("    Or set " + chalk2.bold("VIBEDRIFT_TOKEN") + " in your environment for CI.");
       console.error("");
       process.exit(1);
     }
     bearerToken = resolved.token;
     apiUrl = await resolveApiUrl(options.apiUrl);
+  } else {
+    try {
+      const resolved = await resolveToken();
+      if (resolved) {
+        bearerToken = resolved.token;
+        apiUrl = await resolveApiUrl(options.apiUrl);
+      }
+    } catch {
+    }
+  }
+  if (!options.json && options.format !== "json" && !options.deep) {
+    if (bearerToken) {
+      try {
+        const credits = await fetchCredits(bearerToken, { apiUrl });
+        if (credits.has_free_deep_scan && !credits.unlimited) {
+          console.log("");
+          console.log(chalk2.bgYellow.black.bold("  \u{1F381}  1 FREE DEEP SCAN AVAILABLE  "));
+          console.log(chalk2.yellow("    Run with ") + chalk2.bold.cyan("--deep") + chalk2.yellow(" to use Claude-powered analysis (no card required)."));
+          console.log("");
+        }
+      } catch {
+      }
+    } else {
+      console.log("");
+      console.log(chalk2.dim("  Tip: ") + chalk2.yellow("sign up free to get 1 deep scan included"));
+      console.log(chalk2.dim("       Run ") + chalk2.bold("vibedrift login") + chalk2.dim(" to claim it (no card required)."));
+      console.log("");
+    }
   }
   const startTime = Date.now();
   const timings = {};
@@ -7735,7 +8122,8 @@ Warning: File limit reached (${warnings.truncatedAt}). Only partial coverage \u2
         token: bearerToken,
         apiUrl,
         verbose: options.verbose,
-        driftFindings: driftResult.driftFindings
+        driftFindings: driftResult.driftFindings,
+        projectName: options.projectName
       });
       allFindings.push(...mlResult.highConfidence);
       mlMediumConfidence = mlResult.mediumConfidence;
@@ -7806,6 +8194,62 @@ Warning: File limit reached (${warnings.truncatedAt}). Only partial coverage \u2
     }
   }
   await saveScanResult(rootDir, scores, compositeScore);
+  if (bearerToken) {
+    try {
+      const { logScan: logScan2 } = await Promise.resolve().then(() => (init_log_scan(), log_scan_exports));
+      const { detectProjectIdentity: detectProjectIdentity2 } = await Promise.resolve().then(() => (init_project_name(), project_name_exports));
+      const { sanitizeResultForUpload: sanitizeResultForUpload2 } = await Promise.resolve().then(() => (init_sanitize_result(), sanitize_result_exports));
+      const projectIdentity = await detectProjectIdentity2(
+        rootDir,
+        options.projectName
+      );
+      const mlDuplicates = allFindings.filter((f) => f.analyzerId === "ml-duplicate").length;
+      const mlIntent = allFindings.filter((f) => f.analyzerId === "ml-intent").length;
+      const mlAnomaly = allFindings.filter((f) => f.analyzerId === "ml-anomaly").length;
+      let html;
+      try {
+        html = renderHtmlReport(result);
+      } catch {
+        html = void 0;
+      }
+      const pct = maxCompositeScore > 0 ? compositeScore / maxCompositeScore * 100 : 0;
+      const grade = pct >= 90 ? "A" : pct >= 75 ? "B" : pct >= 50 ? "C" : pct >= 25 ? "D" : "F";
+      const sanitizedResult = sanitizeResultForUpload2(result);
+      sanitizedResult.project = {
+        name: projectIdentity.name,
+        hash: projectIdentity.hash
+      };
+      sanitizedResult.grade = grade;
+      sanitizedResult.scanType = options.deep ? "deep" : "free";
+      sanitizedResult.scannedAt = (/* @__PURE__ */ new Date()).toISOString();
+      await logScan2({
+        token: bearerToken,
+        apiUrl,
+        verbose: options.verbose,
+        payload: {
+          project_hash: projectIdentity.hash,
+          project_name: projectIdentity.name,
+          language: ctx.dominantLanguage ?? "unknown",
+          file_count: ctx.files.length,
+          function_count: codeDnaResult?.functions?.length ?? 0,
+          finding_count: allFindings.length,
+          score: compositeScore,
+          grade,
+          duplicates_found: mlDuplicates,
+          intent_mismatches: mlIntent,
+          anomalies_found: mlAnomaly,
+          is_deep: !!options.deep,
+          processing_time_ms: scanTimeMs,
+          report_html: html,
+          result_json: sanitizedResult
+        }
+      });
+    } catch (err) {
+      if (options.verbose) {
+        console.error(chalk2.dim(`[scan-log] Failed: ${err.message}`));
+      }
+    }
+  }
   const format = options.format ?? (options.json ? "json" : "html");
   if (format === "html") {
     const html = renderHtmlReport(result);
@@ -7956,97 +8400,6 @@ Update failed: ${message}`));
 init_esm_shims();
 import chalk4 from "chalk";
 
-// src/auth/api.ts
-init_esm_shims();
-var REQUEST_TIMEOUT_MS = 3e4;
-var VibeDriftApiError = class extends Error {
-  constructor(status, message) {
-    super(message);
-    this.status = status;
-    this.name = "VibeDriftApiError";
-  }
-  status;
-};
-async function jsonFetch(url, init = {}) {
-  const controller = new AbortController();
-  const timer = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
-  try {
-    const res = await fetch(url, {
-      ...init,
-      signal: controller.signal,
-      headers: {
-        Accept: "application/json",
-        ...init.body ? { "Content-Type": "application/json" } : {},
-        ...init.headers ?? {}
-      }
-    });
-    if (!res.ok) {
-      let detail = "";
-      try {
-        const body = await res.json();
-        detail = body.detail ?? body.message ?? "";
-      } catch {
-        try {
-          detail = await res.text();
-        } catch {
-        }
-      }
-      throw new VibeDriftApiError(res.status, detail || `HTTP ${res.status}`);
-    }
-    return await res.json();
-  } catch (err) {
-    if (err?.name === "AbortError") {
-      throw new VibeDriftApiError(0, `Request timed out after ${REQUEST_TIMEOUT_MS / 1e3}s`);
-    }
-    if (err instanceof VibeDriftApiError) throw err;
-    throw new VibeDriftApiError(0, err?.message ?? String(err));
-  } finally {
-    clearTimeout(timer);
-  }
-}
-async function startDeviceAuth(opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  return jsonFetch(`${base}/auth/device`, {
-    method: "POST",
-    body: JSON.stringify({ client_id: "vibedrift-cli" })
-  });
-}
-async function pollDeviceAuth(deviceCode, opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  return jsonFetch(`${base}/auth/poll`, {
-    method: "POST",
-    body: JSON.stringify({ device_code: deviceCode })
-  });
-}
-async function validateToken(token, opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  return jsonFetch(`${base}/auth/validate`, {
-    method: "GET",
-    headers: { Authorization: `Bearer ${token}` }
-  });
-}
-async function revokeToken(token, opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  await jsonFetch(`${base}/auth/revoke`, {
-    method: "POST",
-    headers: { Authorization: `Bearer ${token}` }
-  });
-}
-async function fetchUsage(token, opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  return jsonFetch(`${base}/account/usage`, {
-    method: "GET",
-    headers: { Authorization: `Bearer ${token}` }
-  });
-}
-async function createPortalSession(token, opts) {
-  const base = await resolveApiUrl(opts?.apiUrl);
-  return jsonFetch(`${base}/account/portal`, {
-    method: "POST",
-    headers: { Authorization: `Bearer ${token}` }
-  });
-}
-
 // src/auth/browser.ts
 init_esm_shims();
 import { spawn as spawn2 } from "child_process";
@@ -8153,11 +8506,43 @@ async function runLogin(options = {}) {
       console.log(`  Account: ${chalk4.bold(result.email)}`);
       console.log(`  Plan:    ${chalk4.bold(result.plan)}`);
       console.log("");
-      if (result.plan === "free") {
-        console.log(chalk4.dim("  Run `vibedrift upgrade` to enable deep AI scans."));
-        console.log("");
-      } else {
-        console.log(chalk4.dim("  Run `vibedrift . --deep` to use AI-powered analysis."));
+      try {
+        const credits = await fetchCredits(result.access_token, {
+          apiUrl: options.apiUrl
+        });
+        if (credits.has_free_deep_scan && !credits.unlimited) {
+          console.log(
+            chalk4.bgYellow.black.bold("  \u{1F381} 1 FREE deep scan included with your account  ")
+          );
+          console.log("");
+          console.log(
+            chalk4.yellow("  Try the full pipeline (Claude analysis, security review,")
+          );
+          console.log(
+            chalk4.yellow("  AI-powered drift detection) on any project \u2014 no card needed.")
+          );
+          console.log("");
+          console.log(`    ${chalk4.cyan("vibedrift . --deep")}`);
+          console.log("");
+        } else if (credits.unlimited) {
+          console.log(chalk4.dim("  Run `vibedrift . --deep` to use AI-powered analysis."));
+          console.log("");
+        } else if (credits.available_total > 0) {
+          console.log(
+            chalk4.dim(`  You have ${credits.available_total} deep scan credit${credits.available_total === 1 ? "" : "s"} available.`)
+          );
+          console.log(chalk4.dim("  Run `vibedrift . --deep` to use one."));
+          console.log("");
+        } else {
+          console.log(chalk4.dim("  Run `vibedrift upgrade` to enable deep AI scans."));
+          console.log("");
+        }
+      } catch {
+        if (result.plan === "free") {
+          console.log(chalk4.dim("  Run `vibedrift upgrade` to enable deep AI scans."));
+        } else {
+          console.log(chalk4.dim("  Run `vibedrift . --deep` to use AI-powered analysis."));
+        }
         console.log("");
       }
       return;
@@ -8269,6 +8654,21 @@ async function runStatus() {
       console.log(chalk6.dim(`  ${err.message}`));
     }
   }
+  try {
+    const credits = await fetchCredits(resolved.token, { apiUrl: config.apiUrl });
+    console.log("");
+    if (credits.unlimited) {
+      console.log(`  Deep scans: ${chalk6.bold.green("unlimited")} (${credits.plan})`);
+    } else if (credits.has_free_deep_scan) {
+      console.log(`  Deep scans: ${chalk6.bold.yellow("1 free")} + ${credits.available_purchased} purchased`);
+      console.log(chalk6.dim("              Run `vibedrift . --deep` to use your free credit."));
+    } else if (credits.available_total > 0) {
+      console.log(`  Deep scans: ${chalk6.bold(credits.available_total)} credit${credits.available_total === 1 ? "" : "s"} available`);
+    } else {
+      console.log(`  Deep scans: ${chalk6.dim("0 credits")} \u2014 run \`vibedrift upgrade\` for more`);
+    }
+  } catch {
+  }
   console.log("");
 }
 function describeSource(source) {
@@ -8416,7 +8816,7 @@ async function runBilling() {
 init_esm_shims();
 import chalk10 from "chalk";
 import { homedir as homedir3, platform, arch } from "os";
-import { join as join6 } from "path";
+import { join as join7 } from "path";
 import { stat as stat4, access, constants } from "fs/promises";
 init_version();
 async function runDoctor() {
@@ -8462,7 +8862,7 @@ async function runDoctor() {
       info("Config file", "absent (not logged in)");
     }
   }
-  const historyDir = join6(homedir3(), ".vibedrift", "scans");
+  const historyDir = join7(homedir3(), ".vibedrift", "scans");
   try {
     const info2 = await stat4(historyDir);
     if (info2.isDirectory()) ok("Scan history", historyDir);
@@ -8591,6 +8991,9 @@ program.command("scan", { isDefault: true }).description("Scan a project for vib
 ).option("--no-codedna", "skip Code DNA semantic analysis").option(
   "--deep",
   "enable AI-powered deep analysis (requires `vibedrift login`)"
+).option(
+  "--project-name <name>",
+  "override the auto-detected project name shown in the dashboard"
 ).option(
   "--include <pattern>",
   "only scan files matching this glob (repeatable)",
@@ -8621,7 +9024,8 @@ program.command("scan", { isDefault: true }).description("Scan a project for vib
     apiUrl: options.apiUrl,
     include: options.include,
     exclude: options.exclude,
-    verbose: options.verbose
+    verbose: options.verbose,
+    projectName: options.projectName
   });
 });
 program.command("login").description("Log in to your VibeDrift account").option("--no-browser", "don't open the browser automatically").addOption(