CodeQual

Evolution Advisory

Project: demo-repo

Period: Dec 01, 2025 at 12:00 AM to Mar 14, 2026 at 09:30 AM

Advisory ID: evo-demo-2026-03-14

Generated: Mar 14, 2026 at 09:30 AM

Executive Summary

Significant Changes: 5
Areas Affected: 4
Patterns Matched: 5
New Observations: 5

Affected areas: 📝 Version Control ⚙️ CI / Build 🚀 Deployment 📦 Dependencies

Based on 5 prior commits

What Evolution Engine Can See

5 connected, 3 available

- 📝 Version Control (via Git): Active
- ⚙️ CI / Build (via GitHub Actions): Active
- 🚀 Deployment (via GitHub Releases): Active
- 📦 Dependencies (via pip): Active
- 🔒 Security (via GitHub Security): Connected. Token set. This data is analyzed automatically when running via GitHub Action or GitLab CI.
- 🧪 Testing: Not Connected. Generate test results: pytest --junitxml=junit.xml or equivalent, then re-run analysis.
- 📊 Code Coverage: Not Connected. Generate coverage reports: pytest --cov --cov-report=xml or equivalent, then re-run analysis.
- 🚨 Error Tracking: Not Connected. Set SENTRY_AUTH_TOKEN to pull error tracking data from Sentry.

Key Findings

What Changed in Your Codebase

We've detected 5 changes that differ from your project's normal patterns. Each change shows what typically happens versus what we observed this time.

0 of 5 resolved
📝 Files Changed (Version Control)
What this means: More files changed than usual in this commit.
Typical: 3.00
This Time: 47 (19.8x above typical range)
Trigger: e4f49b1a feat: migrate authentication to OAuth2 + add rate limiting
Supporting Evidence
👁️ Worth Monitoring

When many files change in a single commit, CI build times increase proportionally due to broader test coverage being triggered.

What this means: Commits are touching more files than usual, increasing review burden and risk of regressions.
Recommendation: Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
👁️ Worth Monitoring

Large commits that touch many files tend to also introduce new dependencies, suggesting feature branches that bundle dependency additions with implementation.

What this means: Commits are touching more files than usual, increasing review burden and risk of regressions.
Recommendation: Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
Drift Investigation Prompt

Development pattern shift detected in Version Control.

SIGNAL: Files Changed is 19.8x above the typical baseline (observed: 47, typical: 3.00).
TRIGGER COMMIT: e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting

RECENT COMMITS (5 total, showing top 5):
  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint
    Prefetch relat (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

CORRELATED PATTERNS:
  [WATCH] When many files change in a single commit, CI build times increase proportionally due to broader test coverage being triggered.
    → Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
  [WATCH] Large commits that touch many files tend to also introduce new dependencies, suggesting feature branches that bundle dependency additions with implementation.
    → Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.

INVESTIGATE:
1. Was this change intentional or did the AI drift from goals?
2. Review commit e4f49b1a — what specifically caused the deviation?
3. Suggest a course correction (not a bug fix — a realignment).

AFTER FIX:
Run `evo analyze . --verify` to re-analyze and compare against this run.
If the change was intentional, no fix needed — accept it in the report.

Use with: Cursor (paste in chat), Claude Code (paste in terminal), Copilot (paste in chat panel)
After investigation:
  1. AI suggests fixes → apply the changes to your code
  2. Run evo analyze . --verify to re-analyze and compare against this run
  3. If the change was intentional, click Accept above to dismiss it
Technical details

The number of files touched for this change was 47. Historically, similar changes had a value of 3.00 ± 1.50.

📝 Change Dispersion (Version Control)
What this means: Changes spread across unrelated areas of the codebase.
Typical: 0.1800
This Time: 0.9400 (6.4x above typical range)
Trigger: e4f49b1a feat: migrate authentication to OAuth2 + add rate limiting
Supporting Evidence
👁️ Worth Monitoring

When code changes are scattered across many directories, releases tend to be pushed out faster — possibly to ship hotfixes before the next planned release.

What this means: Changes are spreading across unrelated parts of the codebase. This makes reviews harder and increases the chance of unexpected side effects.
Recommendation: Review recent PRs for scope creep. Consider breaking large changes into focused commits.
Drift Investigation Prompt

Development pattern shift detected in Version Control.

SIGNAL: Change Dispersion is 6.4x above the typical baseline (observed: 0.9400, typical: 0.1800).
TRIGGER COMMIT: e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting

RECENT COMMITS (5 total, showing top 5):
  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint
    Prefetch relat (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

CORRELATED PATTERNS:
  [INFO] When code changes are scattered across many directories, releases tend to be pushed out faster — possibly to ship hotfixes before the next planned release.
    → Verify that quality gates (testing, review) are still being applied to faster releases.

INVESTIGATE:
1. Was this change intentional or did the AI drift from goals?
2. Review commit e4f49b1a — what specifically caused the deviation?
3. Suggest a course correction (not a bug fix — a realignment).

AFTER FIX:
Run `evo analyze . --verify` to re-analyze and compare against this run.
If the change was intentional, no fix needed — accept it in the report.
Technical details

The dispersion for this change was 0.9400. Historically, similar changes had a value of 0.1800 ± 0.0800.

⚙️ Build Duration (CI / Build)
What this means: Build took longer than usual.
Typical: 165.0
This Time: 892 (16.3x above typical range)
Trigger: e4f49b1a feat: migrate authentication to OAuth2 + add rate limiting
Supporting Evidence
👁️ Worth Monitoring

When many files change in a single commit, CI build times increase proportionally due to broader test coverage being triggered.

What this means: Commits are touching more files than usual, increasing review burden and risk of regressions.
Recommendation: Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
👁️ Worth Monitoring

When CI pipelines run longer, the time between releases shortens — teams may be rushing releases to meet deadlines despite slower builds.

What this means: Builds are taking longer. Slower CI feedback loops reduce developer productivity and delay catching issues.
Recommendation: Profile the build pipeline to identify bottlenecks. Check for newly added expensive tests or build steps.
👁️ Worth Monitoring

Adding dependencies increases CI build time as package installation and resolution steps take longer.

What this means: The dependency count is growing, expanding the supply-chain attack surface and potential for version conflicts.
Recommendation: Audit new dependencies for necessity, maintenance status, and known vulnerabilities.
Drift Investigation Prompt

Development pattern shift detected in CI / Build.

SIGNAL: Build Duration is 16.3x above the typical baseline (observed: 892, typical: 165.0).
TRIGGER COMMIT: e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting

RECENT COMMITS (5 total, showing top 5):
  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint
    Prefetch relat (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

CORRELATED PATTERNS:
  [WATCH] When many files change in a single commit, CI build times increase proportionally due to broader test coverage being triggered.
    → Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
  [INFO] When CI pipelines run longer, the time between releases shortens — teams may be rushing releases to meet deadlines despite slower builds.
    → Confirm test coverage hasn't decreased alongside faster builds.
  [WATCH] Adding dependencies increases CI build time as package installation and resolution steps take longer.
    → Audit new dependencies for necessity, maintenance status, and known vulnerabilities.

INVESTIGATE:
1. Was this change intentional or did the AI drift from goals?
2. Review commit e4f49b1a — what specifically caused the deviation?
3. Suggest a course correction (not a bug fix — a realignment).

AFTER FIX:
Run `evo analyze . --verify` to re-analyze and compare against this run.
If the change was intentional, no fix needed — accept it in the report.
Technical details

The run duration for this change was 892. Historically, similar changes had a value of 165.0 ± 30.00.

🚀 Release Cadence (Deployment)
What this means: Shorter time between releases than usual.
Typical: 160.0
This Time: 18.50 (2.6x below typical range)
Trigger: 113a54f2 feat: add WebSocket support for real-time notifications
Supporting Evidence
ℹ️ Informational

When code changes are scattered across many directories, releases tend to be pushed out faster — possibly to ship hotfixes before the next planned release.

What this means: Releases are happening more frequently. Faster releases reduce batch size risk but may skip review steps.
Recommendation: Verify that quality gates (testing, review) are still being applied to faster releases.
ℹ️ Informational

When CI pipelines run longer, the time between releases shortens — teams may be rushing releases to meet deadlines despite slower builds.

What this means: Builds are running faster than usual. Verify this isn't due to skipped tests or simplified steps.
Recommendation: Confirm test coverage hasn't decreased alongside faster builds.
Drift Investigation Prompt

Development pattern shift detected in Deployment.

SIGNAL: Release Cadence is 2.6x below the typical baseline (observed: 18.50, typical: 160.0).
TRIGGER COMMIT: 113a54f2 — feat: add WebSocket support for real-time notifications

RECENT COMMITS (5 total, showing top 5):
  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint
    Prefetch relat (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

CORRELATED PATTERNS:
  [INFO] When code changes are scattered across many directories, releases tend to be pushed out faster — possibly to ship hotfixes before the next planned release.
    → Verify that quality gates (testing, review) are still being applied to faster releases.
  [INFO] When CI pipelines run longer, the time between releases shortens — teams may be rushing releases to meet deadlines despite slower builds.
    → Confirm test coverage hasn't decreased alongside faster builds.

INVESTIGATE:
1. Was this change intentional or did the AI drift from goals?
2. Review commit 113a54f2 — what specifically caused the deviation?
3. Suggest a course correction (not a bug fix — a realignment).

AFTER FIX:
Run `evo analyze . --verify` to re-analyze and compare against this run.
If the change was intentional, no fix needed — accept it in the report.
Technical details

The release cadence (hours) for this change was 18.50. Historically, similar changes had a value of 160.0 ± 36.00.

📦 Total Dependencies (Dependencies)
What this means: Dependency count increased.
Typical: 86.00
This Time: 104 (4.0x above typical range)
Trigger: e4f49b1a feat: migrate authentication to OAuth2 + add rate limiting
Supporting Evidence
👁️ Worth Monitoring

Large commits that touch many files tend to also introduce new dependencies, suggesting feature branches that bundle dependency additions with implementation.

What this means: Commits are touching more files than usual, increasing review burden and risk of regressions.
Recommendation: Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
👁️ Worth Monitoring

Adding dependencies increases CI build time as package installation and resolution steps take longer.

What this means: The dependency count is growing, expanding the supply-chain attack surface and potential for version conflicts.
Recommendation: Audit new dependencies for necessity, maintenance status, and known vulnerabilities.
Drift Investigation Prompt

Development pattern shift detected in Dependencies.

SIGNAL: Total Dependencies is 4.0x above the typical baseline (observed: 104, typical: 86.00).
TRIGGER COMMIT: e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting

RECENT COMMITS (5 total, showing top 5):
  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint
    Prefetch relat (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

DEPENDENCIES CHANGED (3):
  - redis
  - authlib
  - pyjwt: 2.6.0 -> 2.8.0

CORRELATED PATTERNS:
  [WATCH] Large commits that touch many files tend to also introduce new dependencies, suggesting feature branches that bundle dependency additions with implementation.
    → Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.
  [WATCH] Adding dependencies increases CI build time as package installation and resolution steps take longer.
    → Audit new dependencies for necessity, maintenance status, and known vulnerabilities.

INVESTIGATE:
1. Was this change intentional or did the AI drift from goals?
2. Review commit e4f49b1a — what specifically caused the deviation?
3. Suggest a course correction (not a bug fix — a realignment).

AFTER FIX:
Run `evo analyze . --verify` to re-analyze and compare against this run.
If the change was intentional, no fix needed — accept it in the report.
Technical details

The dependency count for this change was 104. Historically, similar changes had a value of 86.00 ± 3.00.

Next Steps

1. Investigate: Copy the prompt below and paste it into your AI assistant (Claude Code, Cursor, Copilot, ChatGPT). It will identify root causes and suggest fixes.

2. Fix: Apply the suggested changes. If a deviation was intentional, click Accept on its card above instead.

3. Verify: Run evo analyze . --verify to re-analyze and compare. A verification banner will show which deviations resolved, improved, or persist.

Investigation Prompt

Development drift analysis for demo-repo (Dec 01, 2025 at 12:00 AM to Mar 14, 2026 at 09:30 AM).

DEVIATIONS FROM BASELINE:

- Version Control / Files Changed: 47 (typical: 3.00, 19.8x above)
- Version Control / Change Dispersion: 0.9400 (typical: 0.1800, 6.4x above)
- CI / Build / Build Duration: 892 (typical: 165.0, 16.3x above)
- Deployment / Release Cadence: 18.50 (typical: 160.0, 2.6x below)
- Dependencies / Total Dependencies: 104 (typical: 86.00, 4.0x above)

RISK PATTERNS (actionable only):

- [Worth Monitoring] 2 patterns:
    * When many files change in a single commit, CI build times increase proportionally due to broader test coverage being triggered.
    * Large commits that touch many files tend to also introduce new dependencies, suggesting feature branches that bundle dependency additions with implementation.
  Impact: Commits are touching more files than usual, increasing review burden and risk of regressions.
  Action: Monitor PR sizes. If this persists, investigate whether large refactors need better decomposition.

- [Worth Monitoring] Adding dependencies increases CI build time as package installation and resolution steps take longer.
  Impact: The dependency count is growing, expanding the supply-chain attack surface and potential for version conflicts.
  Action: Audit new dependencies for necessity, maintenance status, and known vulnerabilities.


COMMITS (5):

  e4f49b1a — feat: migrate authentication to OAuth2 + add rate limiting (11 files)
  3b90e72f — fix: resolve N+1 query in dashboard endpoint (3 files)
  608ead0b — chore: upgrade React to v19, update bundler config (4 files)
  113a54f2 — feat: add WebSocket support for real-time notifications (5 files)
  4a0a9c5d — ci: add parallel test execution and coverage reporting (4 files)

SOURCE FILES CHANGED (15):

  - src/auth/oauth2.py (added)
  - src/auth/middleware.py (modified)
  - src/auth/tokens.py (added)
  - src/api/routes.py (modified)
  - src/api/rate_limiter.py (added)
  - src/api/dashboard.py (modified)
  - src/models/queries.py (modified)
  - src/websocket/handler.py (added)
  - src/websocket/channels.py (added)
  - frontend/package.json (modified)
  - requirements.txt (modified)
  - pyproject.toml (modified)
  - config/auth.yaml (added)
  - config/redis.yaml (added)
  - .github/workflows/test.yml (modified)

TASKS:

1. ROOT CAUSE: For each deviation, identify the commit(s) that caused it.
   Focus on [Action Required] and [Needs Attention] items first.

2. FIXES: Provide concrete fixes with file paths and code changes.
   Goal: bring metrics back toward baseline without disrupting velocity.

3. PRIORITY: Rank fixes by urgency (immediate vs. next sprint).

4. AFTER FIXING: Run `evo analyze . --verify` to confirm deviations decreased.
   If a change was intentional, accept it: `evo accept . <N>`.

5. FINDING SUMMARIES: At the end, include a section like this:
   ## Finding Summaries
   - [family/metric]: One plain-English sentence for a non-technical reader.
   (This lets the user run `evo enrich . --from response.txt` to store friendly descriptions.)

Expand Your Coverage

Evolution Engine has 44 universal patterns learned from 200+ open-source repositories. The more signal families you connect, the more cross-family patterns can be detected.

Coming soon: CI / Build, Deployment, Feature Flags, Incidents, Monitoring, Quality Gate, Security Scan, Work Items