Pricing & Credit System
A comprehensive guide to Bugrit pricing: how credits work, what each tier includes, and how to estimate your costs accurately.
Why Credit-Based Pricing?
Credit-based pricing aligns what you pay with what you use. Unlike flat-rate plans that charge the same whether you scan once or 100 times, credits give you:
Transparency
See the exact cost before every scan. No surprise bills.
Control
Toggle expensive features on/off based on your needs.
Scalability
Start free, upgrade as you grow, buy top-ups for burst usage.
Fairness
Small repos pay less than large monorepos. Makes sense.
How Credits Are Calculated
Each scan consumes credits based on a simple formula. The cost depends on your codebase size, the tools you run, and AI features you enable.
| Base scan cost | 1 credit |
| Per 10,000 lines of code | 1 credit |
Example: A 45,000 line repo = 1 base + 5 lines = 6 credits minimum
Larger codebases take longer to scan and consume more compute resources. Charging per 10K lines ensures:
- Small side projects pay minimal amounts
- Large enterprise repos pay proportionally more
- You're not subsidizing someone else's monorepo
Pro tip: Use .bugritignore to exclude node_modules,dist, and generated files from line counts.
Tool Category Costs
Different tool categories have different infrastructure costs. Linting runs quickly in memory, but Lighthouse needs a full headless browser, and Docker-based tools have container overhead.
| Category | Tools Included | Credits | Why This Cost? |
|---|---|---|---|
| 📝 Linting & Formatting | ESLint, Biome, Stylelint, Prettier | Free | Fast, low memory, runs in Node.js |
| 📦 Dependencies | depcheck, madge (+ OSV, pip-audit, cargo-audit) | 0-1 credit | Some tools use Docker for multi-language support |
| ✨ Code Quality | TypeScript, knip, jscpd, cspell, PHPStan, RuboCop | 0-3 credits | JS tools free; Docker-based tools cost more |
| 📚 Documentation | markdownlint, remark-lint, alex | Free | Text analysis, very fast |
| 🔀 Git | commitlint | Free | Checks git history only |
| 🔒 Security | Semgrep, Trivy, Nuclei, Bandit, Gosec, Gitleaks, etc. | 1-5 credits | DAST tools (OWASP ZAP) cost more than SAST |
| ♿ Accessibility | axe-core, Pa11y | 4 credits | Requires Puppeteer headless browser |
| ⚡ Performance | Lighthouse, size-limit | 1-5 credits | Full browser render, network simulation |
| 📱 Mobile Security | MobSF, APKLeaks, Androguard, SwiftLint | 1-5 credits | APK/IPA analysis requires specialized containers |
| 🔌 API Security | Spectral, Dredd, GraphQL Cop, Schemathesis | 1-3 credits | API contract validation and security testing |
| ☁️ Cloud Native | Kubesec, Kube-bench, Polaris, Terrascan, Kube-hunter | 1-3 credits | Kubernetes and IaC security scanning |
AI Feature Costs
AI features use large language models which have per-token costs. Some features are flat-rate, while others scale with the number of issues found.
| Feature | Credits | Pricing Model | What It Does |
|---|---|---|---|
| Scan Summary | 1 | Per scan | Executive summary of all findings |
| Priority Scoring | 1 | Per scan | AI-ranked issues by severity and impact |
| Issue Explanations | 0.1 | Per issue | Plain-English explanation of each issue |
| Fix Suggestions | 0.15 | Per issue | AI-generated code fix for each issue |
Per-Issue Pricing Note
Issue Explanations and Fix Suggestions are charged per issue found. If your scan finds 100 issues and you enable Fix Suggestions, that's 100 × 0.15 = 15 credits for that feature alone. Consider running a basic scan first to see how many issues you have before enabling these features.
Example Calculations
Here are real-world examples to help you estimate your costs.
Subscription Tiers
Choose the tier that fits your usage. All paid tiers include overage pricing so you never get blocked.
| Free | Solo | Scale | Business | |
|---|---|---|---|---|
| Monthly Price | $0 | $19 | $49 | $99 |
| Annual Price | $0 | $190 (2 mo free) | $490 (2 mo free) | $990 (2 mo free) |
| Monthly Credits | 5 | 50 | 200 | 500 |
| Credit Rollover | - | - | Up to 100 | Up to 250 |
| Overage Rate | N/A | $0.40/credit | $0.30/credit | $0.20/credit |
| Effective $/Credit | N/A | $0.38 | $0.245 | $0.198 |
| Projects | 1 | 3 | 10 | Unlimited |
| Team Members | 1 | 1 | 3 | 10 |
| Max Repo Size | 10K lines | 50K lines | 150K lines | 500K lines |
| History Retention | 7 days | 14 days | 30 days | 90 days |
| AI Summary | - | |||
| AI Issue Explanations | - | - | ||
| AI Fix Suggestions | - | - | - | |
| GitHub Integration | - | - | ||
| Slack + Webhooks | - | - | - | |
| API Access | - | - | - |
Cost Calculator
Enter your expected usage to find the best plan and estimate your monthly costs.
Used for per-issue AI feature costs
Cost comparison:
Credit Top-Up Packages
Need more credits? Purchase packages anytime. Purchased credits never expire.
Frequently Asked Questions
Paid plans (Solo, Scale, Business) have overage pricing, so you can always keep scanning. You'll see the overage cost before confirming each scan. Free tier users need to wait for their next monthly allocation or upgrade to a paid plan.
Scale and Business plans include credit rollover. Scale can roll over up to 100 credits, Business up to 250. Free and Solo plans don't have rollover - use them or lose them!
Purchased credits are added to your account immediately and never expire. They're used after your monthly allocation is exhausted, before any overage charges apply.
Yes! In your account settings, you can enable auto top-up to automatically purchase a credit package when your balance falls below a threshold. Set a monthly limit to control spending.
We count logical lines of code (excluding empty lines and comments) in supported file types. Files in node_modules, dist, .git, and common build directories are automatically excluded. You can add custom exclusions in .bugritignore.
These tools require spinning up headless browsers (Puppeteer/Chromium) which consume significantly more CPU, memory, and time than static analysis tools. The credit cost reflects our actual infrastructure costs to run these tools reliably.