@chappibunny/repolens 0.4.3 → 0.6.2

package/README.md

@@ -1,3 +1,7 @@
+<p align="center">
+  <img src="Avatar.png" alt="RepoLens" width="120" />
+</p>
+
 ```
     ██████╗ ███████╗██████╗  ██████╗ ██╗     ███████╗███╗   ██╗███████╗
     ██╔══██╗██╔════╝██╔══██╗██╔═══██╗██║     ██╔════╝████╗  ██║██╔════╝
@@ -8,9 +12,15 @@
                         🔍 Repository Intelligence CLI 📊
 ```
 
+[![Tests](https://img.shields.io/badge/tests-90%20passing-brightgreen)](https://github.com/CHAPIBUNNY/repolens/actions)
+[![Security](https://img.shields.io/badge/security-hardened-blue)](SECURITY.md)
+[![Vulnerabilities](https://img.shields.io/badge/vulnerabilities-0-brightgreen)](SECURITY.md)
+[![License](https://img.shields.io/badge/license-MIT-blue)](LICENSE)
+[![Security Audit](https://img.shields.io/badge/security%20audit-passed-brightgreen)](SECURITY.md)
+
 AI-assisted documentation intelligence system that generates architecture docs for engineers AND readable system docs for stakeholders
 
-**Current Status**: v0.4.0 — Production Ready
+**Current Status**: v0.6.1 — Confluence Publisher & Team Features
 
 RepoLens automatically generates and maintains living architecture documentation by analyzing your repository structure, extracting meaningful insights from your package.json, and creating visual dependency graphs. Run it once, or let it auto-update on every push.
 
@@ -22,7 +32,7 @@ RepoLens automatically generates and maintains living architecture documentation
 
 **Step 1: Install**
 ```bash
-npm install github:CHAPIBUNNY/repolens
+npm install @chappibunny/repolens
 ```
 
 **Step 2: Initialize** (creates config + GitHub Actions workflow)
@@ -30,19 +40,30 @@ npm install github:CHAPIBUNNY/repolens
 npx @chappibunny/repolens init
 ```
 
-**Step 3: Configure Notion** (optional, skip if using Markdown only)
+**Step 3: Configure Publishing** (optional, skip if using Markdown only)
+
+For Notion:
 ```bash
 # Edit .env and add:
 NOTION_TOKEN=secret_xxx
 NOTION_PARENT_PAGE_ID=xxx
 ```
 
+For Confluence:
+```bash
+# Edit .env and add:
+CONFLUENCE_URL=https://your-company.atlassian.net/wiki
+CONFLUENCE_EMAIL=trades@rabitaitrades.com
+CONFLUENCE_API_TOKEN=your-token
+CONFLUENCE_SPACE_KEY=DOCS
+```
+
 **Step 4: Publish**
 ```bash
 npx @chappibunny/repolens publish
 ```
 
-**Done!** Your docs are now live in Notion and/or `.repolens/` directory.
+**Done!** Your docs are now live in Notion, Confluence, and/or `.repolens/` directory.
 
 **🔄 Upgrading from v0.3.0 or earlier?**
 Run `npx @chappibunny/repolens migrate` to automatically update your workflow files. See [MIGRATION.md](MIGRATION.md) for details.
@@ -107,53 +128,103 @@ RepoLens automatically detects:
 ✅ **Deterministic Fallback** - Always generates docs even if AI unavailable  
 ✅ **Business Domain Inference** - Automatically maps code to business functions  
 ✅ **Data Flow Analysis** - Understands how information moves through your system  
-✅ **Multiple Publishers** - Output to Notion, Markdown, or both  
+✅ **Multiple Publishers** - Output to Notion, Confluence, Markdown, or all three  
 ✅ **Branch-Aware** - Prevent doc conflicts across branches  
 ✅ **GitHub Actions** - Autonomous operation on every push  
+✅ **Team Notifications** - Discord integration with rich embeds (NEW in v0.6.0)  
+✅ **Health Score Tracking** - Monitor documentation quality over time (NEW in v0.6.0)  
+
+---
+
+## 👥 Team Features (New in v0.6.0)
+
+### 💬 Discord Notifications
+
+Get notified when documentation changes significantly:
+
+**Features:**
+- Rich embeds with coverage, health score, and change percentage
+- Threshold-based notifications (only for significant changes)
+- Branch filtering with glob pattern support
+- Secure webhook configuration via environment variable
+
+**Setup Discord Notifications:**
+
+1. **Create a webhook** in your Discord server:
+   - Server Settings → Integrations → Webhooks → New Webhook
+   - Copy the webhook URL
+
+2. **Add to environment**:
+   ```bash
+   # .env (never commit!)
+   DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/xxx/xxx
+   ```
+
+3. **Configure in `.repolens.yml`** (optional):
+   ```yaml
+   discord:
+     enabled: true                  # Default: true (if webhook configured)
+     notifyOn: significant          # Options: always, significant, never
+     significantThreshold: 10       # Notify if change >10% (default)
+     branches:                      # Which branches to notify (default: all)
+       - main
+       - develop
+   ```
+
+4. **Add GitHub Actions secret** (for CI/CD):
+   - Repo Settings → Secrets and variables → Actions
+   - New repository secret: `DISCORD_WEBHOOK_URL`
+
+**Notification includes:**
+- Branch and commit information
+- Files scanned and modules analyzed
+- Coverage percentage and health score
+- Change percentage from previous run
+- Direct links to Notion and GitHub documentation
 
 ---
 
 ## 📦 Installation
 
-### Recommended: GitHub Install
+### Recommended: npm Registry
 
 ```bash
-npm install github:CHAPIBUNNY/repolens
+npm install @chappibunny/repolens
 ```
 
-This installs directly from the latest GitHub commit. Perfect for early access.
+Installs from npm registry.
 
 ### Alternative Methods
 
 <details>
-<summary><b>Option B: Local Development</b></summary>
+<summary><b>Option B: GitHub Direct Install</b></summary>
 
-Clone and link for development:
+Install from the latest GitHub commit:
 
 ```bash
-git clone https://github.com/CHAPIBUNNY/repolens.git
-cd repolens
-npm link
+npm install github:CHAPIBUNNY/repolens
 ```
 </details>
 
 <details>
-<summary><b>Option C: GitHub Release Tarball</b></summary>
+<summary><b>Option C: Local Development</b></summary>
 
-Install from a specific version:
+Clone and link for development:
 
 ```bash
-npm install https://github.com/CHAPIBUNNY/repolens/releases/download/v0.2.0/repolens-0.2.0.tgz
+git clone https://github.com/CHAPIBUNNY/repolens.git
+cd repolens
+npm link
 ```
 </details>
 
 <details>
-<summary><b>Option D: npm Registry (Coming v1.0)</b></summary>
+<summary><b>Option D: GitHub Release Tarball</b></summary>
 
-Once published to npm:
+Install from a specific version:
 
 ```bash
-npm install -g repolens
+npm install https://github.com/CHAPIBUNNY/repolens/releases/download/v0.6.1/chappibunny-repolens-0.6.1.tgz
 ```
 </details>
 
@@ -187,8 +258,9 @@ Open `.repolens.yml` and verify the `publishers` section:
 
 ```yaml
 publishers:
-  - markdown  # Always works, no setup needed
-  - notion    # Requires NOTION_TOKEN and NOTION_PARENT_PAGE_ID
+  - markdown    # Always works, no setup needed
+  - notion      # Requires NOTION_TOKEN and NOTION_PARENT_PAGE_ID
+  - confluence  # Requires CONFLUENCE_URL, CONFLUENCE_EMAIL, CONFLUENCE_API_TOKEN, CONFLUENCE_SPACE_KEY
 ```
 
 **Markdown Only** (simplest):
@@ -196,6 +268,18 @@ publishers:
 publishers:
   - markdown
 ```
+
+**Notion Only**:
+```yaml
+publishers:
+  - notion
+```
+
+**Confluence Only**:
+```yaml
+publishers:
+  - confluence
+```
 Documentation lands in `.repolens/` directory. Commit these files or ignore them.
 
 **Notion + Markdown** (recommended):
@@ -206,6 +290,23 @@ publishers:
 ```
 Docs published to Notion for team visibility, plus local Markdown backups.
 
+**Confluence + Markdown**:
+```yaml
+publishers:
+  - confluence
+  - markdown
+```
+Docs published to Confluence for enterprise teams, plus local Markdown backups.
+
+**All Three**:
+```yaml
+publishers:
+  - notion
+  - confluence
+  - markdown
+```
+Maximum visibility: Notion for async collaboration, Confluence for enterprise docs, Markdown for local backups.
+
 ### Step 3: Enable AI Features (Optional)
 
 **AI-enhanced documentation adds natural language explanations for non-technical audiences.**
@@ -296,15 +397,82 @@ Add as repository secrets:
    - Name: `NOTION_TOKEN`, Value: `secret_xxxxx`
    - Name: `NOTION_PARENT_PAGE_ID`, Value: `xxxxxx`
 
+### Step 4a: Set Up Confluence Integration (Optional)
+
+If using the Confluence publisher:
+
+**4a.1: Generate Confluence API Token**
+1. Go to [id.atlassian.com/manage-profile/security/api-tokens](https://id.atlassian.com/manage-profile/security/api-tokens)
+2. Click **"Create API token"**
+3. Name it **"RepoLens"**
+4. Copy the generated token (save it securely - you won't see it again!)
+
+**4a.2: Find Your Space Key**
+1. Navigate to your Confluence space
+2. Go to **Space Settings** → **Space details**
+3. Note the **Space Key** (e.g., `DOCS`, `ENG`, `TECH`)
+
+**4a.3: Get Parent Page ID (Optional)**
+1. Navigate to the page where you want RepoLens docs nested
+2. Click **"..."** menu → **"Page information"**
+3. Copy the page ID from the URL: `pageId=123456789`
+4. If skipped, docs will be created at space root level
+
+**4a.4: Add Environment Variables**
+
+**For Local Development:**
+Create `.env` in your project root:
+```bash
+CONFLUENCE_URL=https://your-company.atlassian.net/wiki
+CONFLUENCE_EMAIL=trades@rabitaitrades.com
+CONFLUENCE_API_TOKEN=your-api-token-here
+CONFLUENCE_SPACE_KEY=DOCS
+CONFLUENCE_PARENT_PAGE_ID=123456789  # Optional
+```
+
+**For Confluence Server/Data Center** (self-hosted):
+```bash
+CONFLUENCE_URL=https://confluence.yourcompany.com
+CONFLUENCE_EMAIL=your-username  # Use username instead of email
+CONFLUENCE_API_TOKEN=your-personal-access-token
+CONFLUENCE_SPACE_KEY=DOCS
+CONFLUENCE_PARENT_PAGE_ID=123456789  # Optional
+```
+
+**For GitHub Actions:**
+Add as repository secrets:
+1. Go to your repo → **Settings** → **Secrets and variables** → **Actions**
+2. Click **"New repository secret"**
+3. Add:
+   - Name: `CONFLUENCE_URL`, Value: `https://your-company.atlassian.net/wiki`
+   - Name: `CONFLUENCE_EMAIL`, Value: `trades@rabitaitrades.com`
+   - Name: `CONFLUENCE_API_TOKEN`, Value: `your-token`
+   - Name: `CONFLUENCE_SPACE_KEY`, Value: `DOCS`
+   - Name: `CONFLUENCE_PARENT_PAGE_ID`, Value: `123456789` (optional)
+
+**Confluence + Notion + Markdown** (all three!):
+```yaml
+publishers:
+  - markdown
+  - notion
+  - confluence
+```
+
+Docs published to both Notion and Confluence for maximum visibility!
+
 ### Step 5: Configure Branch Publishing (Recommended)
 
-Prevent documentation conflicts by limiting which branches publish to Notion:
+Prevent documentation conflicts by limiting which branches publish to Notion/Confluence:
 
 ```yaml
 notion:
   branches:
     - main              # Only main branch publishes
   includeBranchInTitle: false  # Clean titles (no [branch-name] suffix)
+
+confluence:
+  branches:
+    - main              # Only main branch publishes to Confluence
 ```
 
 **Options:**
@@ -348,8 +516,8 @@ npx @chappibunny/repolens publish
 
 **Expected output:**
 ```
-RepoLens v0.2.0
-────────────────────────────────────────
+RepoLens 🔍
+────────────────────────────────────────────────────
 [RepoLens] Using config: /path/to/.repolens.yml
 [RepoLens] Loading configuration...
 [RepoLens] Scanning repository...
@@ -373,7 +541,7 @@ ls .repolens/
 # api_surface.md
 # route_map.md
 # system_map.md
-# diagrams/system_map.svg
+# system_map.md
 ```
 
 **Notion Output:**
@@ -443,7 +611,7 @@ Validates:
 - ✅ Required config fields present
 - ✅ Publishers configured correctly
 - ✅ Scan patterns defined
-- ✅ Mermaid CLI installation status
+- ✅ Publisher configuration valid
 
 ### Migrate Workflows
 
@@ -547,6 +715,131 @@ When you open a pull request, RepoLens posts:
 
 ---
 
+## 🔒 Privacy & Telemetry
+
+RepoLens includes **opt-in** error tracking and usage telemetry to help improve reliability, understand adoption patterns, and prioritize features.
+
+**Privacy First:**
+- ✅ **Disabled by default** - telemetry is opt-in
+- ✅ **No code collection** - your source code never leaves your machine
+- ✅ **No secrets** - API keys and tokens are never sent
+- ✅ **Anonymous** - no personal information or repository names
+- ✅ **Transparent** - see exactly what data is collected
+
+**To enable telemetry**, add to `.env`:
+```bash
+REPOLENS_TELEMETRY_ENABLED=true
+```
+
+**What's collected (when enabled):**
+
+*Error Tracking (Phase 1):*
+- Error messages and stack traces (for debugging)
+- Command that failed (e.g., `publish`, `migrate`)
+- Basic system info (Node version, platform)
+
+*Usage Metrics (Phase 2):*
+- Command execution times (scan, render, publish)
+- Repository size (file count, module count)
+- Feature usage (AI enabled, publishers used)
+- Success/failure rates
+
+**Why enable it?**
+- 🐛 **Faster bug fixes** - issues you encounter are fixed proactively
+- 📊 **Better features** - development focused on real-world usage
+- ⚡ **Performance** - optimizations based on actual bottlenecks
+- 🎯 **Prioritization** - roadmap guided by community needs
+
+For full details and example data, see [TELEMETRY.md](TELEMETRY.md).
+
+---
+
+## 🛡️ Security
+
+RepoLens implements **defense-in-depth** security to protect your credentials, code, and infrastructure.
+
+### Security Architecture (Phase 3)
+
+**Layer 1: Input Validation** (`src/utils/validate.js`)
+- ✅ Schema validation with required field enforcement
+- ✅ Injection attack detection (shell, command substitution)
+- ✅ Directory traversal prevention (`..`, absolute paths, null bytes)
+- ✅ Secret scanning in configuration files
+- ✅ Circular reference protection (depth limit: 20 levels)
+
+**Layer 2: Secret Detection** (`src/utils/secrets.js`)
+- ✅ **15+ credential patterns**: OpenAI, GitHub, AWS, Notion, Generic API keys
+- ✅ **Entropy-based detection**: High-entropy strings (Shannon entropy > 4.5)
+- ✅ **Automatic sanitization**: All logger output, telemetry, error messages
+- ✅ **Format**: `sk-abc123xyz` → `sk-ab***yz` (first 2 + last 2 chars visible)
+
+**Layer 3: Rate Limiting** (`src/utils/rate-limit.js`)
+- ✅ **Token bucket algorithm**: 3 requests/second for Notion & AI APIs
+- ✅ **Exponential backoff**: Automatic retry with jitter (500ms → 1s → 2s)
+- ✅ **Cost protection**: Prevents runaway API usage
+- ✅ **Retryable errors**: 429, 500, 502, 503, 504, network timeouts
+
+**Layer 4: Supply Chain Security**
+- ✅ **Action pinning**: GitHub Actions pinned to commit SHAs (not tags)
+- ✅ **Minimal permissions**: `contents: read` or `contents: write` only
+- ✅ **Dependency audits**: CI/CD fails on critical/high vulnerabilities
+- ✅ **npm audit**: 0 vulnerabilities in 519 dependencies
+
+**Layer 5: Comprehensive Testing**
+- ✅ **43 security tests**: Fuzzing, injection, boundary conditions
+- ✅ **Attack vectors tested**: SQL, command, path, YAML, NoSQL, LDAP, XML
+- ✅ **90 total tests**: 47 functional + 43 security (100% passing)
+
+### Security Validation (Automatic)
+
+```bash
+# Every configuration load:
+✅ No injection patterns detected (;|&`$())
+✅ No secrets in configuration files
+✅ Safe path patterns only (no .. or absolute paths)
+✅ Valid schema (configVersion: 1)
+
+# Every runtime operation:
+✅ All logs sanitized (secrets redacted)
+✅ Telemetry sanitized (no credentials sent)
+✅ Rate limiting active (3 req/sec)
+✅ Type validation active (prevents type confusion)
+
+# Every CI/CD run:
+✅ npm audit passing (0 vulnerabilities)
+✅ Security tests passing (43/43)
+✅ Secrets scanner passing (no hardcoded credentials)
+```
+
+### Vulnerability Reporting
+
+- 📧 **Email**: trades@rabitaitrades.com
+- 🚨 **DO NOT** open public issues for security bugs
+- ⏱️ **Response**: Within 48 hours
+- 🔒 **Fix Timeline**: Critical issues within 7 days, others within 30 days
+- 📢 **Disclosure**: Coordinated disclosure after fix is released
+
+### Security Best Practices
+
+**✅ DO:**
+- Store secrets in GitHub Secrets (not `.repolens.yml`)
+- Use environment variables for sensitive data
+- Review generated documentation before publishing
+- Enable telemetry to catch security issues early
+- Run `npm audit` regularly
+- Pin workflows to specific versions
+
+**❌ DON'T:**
+- Commit API keys to version control
+- Share `.env` files publicly
+- Disable security validation
+- Use overly broad scan patterns (`**/*`)
+- Ignore security warnings
+
+For complete security documentation and threat model, see [SECURITY.md](SECURITY.md).
+
+---
+
 ## ⚙️ Configuration Reference
 
 ### Complete Example
@@ -561,6 +854,7 @@ project:
 # Configure output destinations
 publishers:
   - notion
+  - confluence
   - markdown
 
 # Notion-specific settings (optional)
@@ -571,6 +865,20 @@ notion:
     - release/*         # Glob patterns supported
   includeBranchInTitle: false  # Clean titles without [branch-name]
 
+# Confluence-specific settings (optional)
+confluence:
+  branches:
+    - main              # Only main branch publishes to Confluence
+
+# Discord notifications (optional, new in v0.6.0)
+discord:
+  enabled: true                  # Default: true (if DISCORD_WEBHOOK_URL set)
+  notifyOn: significant          # Options: always, significant, never
+  significantThreshold: 10       # Notify if change >10% (default)
+  branches:                      # Which branches to notify (default: all)
+    - main
+    - develop
+
 # GitHub integration (optional)
 github:
   owner: "your-username"
@@ -630,11 +938,16 @@ features:
 | `configVersion` | number | No | Schema version (current: 1) for future migrations |
 | `project.name` | string | Yes | Project name |
 | `project.docs_title_prefix` | string | No | Prefix for documentation titles (default: project name) |
-| `publishers` | array | Yes | Output targets: `notion`, `markdown` |
+| `publishers` | array | Yes | Output targets: `notion`, `confluence`, `markdown` |
 | `notion.branches` | array | No | Branch whitelist for Notion publishing. Supports globs. |
 | `notion.includeBranchInTitle` | boolean | No | Add `[branch-name]` to titles (default: `true`) |
-| `github.owner` | string | No | GitHub org/username for SVG hosting |
-| `github.repo` | string | No | Repository name for SVG hosting |
+| `confluence.branches` | array | No | Branch whitelist for Confluence publishing. Supports globs. |
+| `discord.enabled` | boolean | No | Enable Discord notifications (default: `true` if webhook set) |
+| `discord.notifyOn` | string | No | Notification policy: `always`, `significant`, `never` (default: `significant`) |
+| `discord.significantThreshold` | number | No | Change % threshold for notifications (default: `10`) |
+| `discord.branches` | array | No | Branch filter for notifications. Supports globs. (default: all) |
+| `github.owner` | string | No | GitHub org/username |
+| `github.repo` | string | No | Repository name |
 | `scan.include` | array | Yes | Glob patterns for files to scan |
 | `scan.ignore` | array | Yes | Glob patterns to exclude |
 | `module_roots` | array | No | Root directories for module detection |
@@ -653,6 +966,22 @@ Required for Notion publisher:
 | `NOTION_PARENT_PAGE_ID` | Yes | Page ID where docs will be created |
 | `NOTION_VERSION` | No | API version (default: `2022-06-28`) |
 
+Required for Confluence publisher:
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `CONFLUENCE_URL` | Yes | Base URL (e.g., `https://your-company.atlassian.net/wiki`) |
+| `CONFLUENCE_EMAIL` | Yes | Atlassian account email |
+| `CONFLUENCE_API_TOKEN` | Yes | API token from [Atlassian](https://id.atlassian.com/manage-profile/security/api-tokens) |
+| `CONFLUENCE_SPACE_KEY` | Yes | Target space key (e.g., `DOCS`, `ENG`) |
+| `CONFLUENCE_PARENT_PAGE_ID` | No | Parent page ID (docs created at space root if omitted) |
+
+Optional for Discord notifications:
+
+| Variable | Required | Description |
+|----------|----------|-------------|
+| `DISCORD_WEBHOOK_URL` | No | Discord webhook URL for team notifications |
+
 **Local Development:** Create `.env` file in project root  
 **GitHub Actions:** Add as repository secrets in Settings → Secrets and variables → Actions
 
@@ -666,8 +995,8 @@ Required for Notion publisher:
 1. SCAN           2. ANALYZE         3. RENDER           4. PUBLISH
 ──────────────────────────────────────────────────────────────────
 Read files   →   Detect tech     →  Generate docs   →   Notion pages
-from patterns    stack patterns      with insights       + Markdown files
-                                                         + SVG diagrams
+from patterns    stack patterns      with insights       + Confluence pages
+                                                         + Markdown files
 ```
 
 **Scan Phase:**
@@ -691,8 +1020,7 @@ from patterns    stack patterns      with insights       + Markdown files
 **Publish Phase:**
 - Markdown: Writes files to `.repolens/` directory
 - Notion: Creates/updates pages via API with retry logic
-- SVG: Generates diagrams with optional mermaid-cli
-- Git: Commits diagrams back to repo for GitHub CDN hosting
+- Confluence: Creates/updates pages via REST API v1 (storage format)
 
 ### Module Dependency Detection
 
@@ -738,7 +1066,7 @@ npm test
 - Integration workflows
 - Doctor command validation
 
-**Coverage:** 32 tests passing
+**Coverage:** 90 tests passing across 11 test files
 
 ### Test Package Installation Locally
 
@@ -749,7 +1077,7 @@ Simulates the full user installation experience:
 npm pack
 
 # Install globally from tarball
-npm install -g repolens-0.2.0.tgz
+npm install -g chappibunny-repolens-0.6.1.tgz
 
 # Verify
 repolens --version
@@ -765,28 +1093,49 @@ repolens/
 │   ├── cli.js               # Command orchestration + banner
 │   ├── init.js              # Scaffolding command
 │   ├── doctor.js            # Validation command
+│   ├── migrate.js           # Workflow migration (legacy → current)
 │   ├── core/
 │   │   ├── config.js        # Config loading + validation
 │   │   ├── config-schema.js # Schema version tracking
 │   │   ├── diff.js          # Git diff operations
 │   │   └── scan.js          # Repository scanning + metadata extraction
+│   ├── analyzers/
+│   │   ├── domain-inference.js  # Business domain mapping
+│   │   ├── context-builder.js   # Structured AI context assembly
+│   │   └── flow-inference.js    # Data flow detection
+│   ├── ai/
+│   │   ├── provider.js          # Provider-agnostic AI generation
+│   │   ├── prompts.js           # Strict prompt templates
+│   │   ├── document-plan.js     # Document structure definition
+│   │   └── generate-sections.js # AI section generation + fallbacks
+│   ├── docs/
+│   │   ├── generate-doc-set.js  # Document generation orchestration
+│   │   └── write-doc-set.js     # Write docs to disk
 │   ├── renderers/
 │   │   ├── render.js        # System overview, catalog, API, routes
 │   │   ├── renderDiff.js    # Architecture diff rendering
-│   │   └── renderMap.js     # Mermaid dependency graphs
+│   │   └── renderMap.js     # Unicode dependency diagrams
 │   ├── publishers/
 │   │   ├── index.js         # Publisher orchestration + branch filtering
-│   │   ├── publish.js       # Notion publishing pipeline
+│   │   ├── publish.js       # Publishing pipeline
 │   │   ├── notion.js        # Notion API integration
+│   │   ├── confluence.js    # Confluence REST API integration
 │   │   └── markdown.js      # Local Markdown generation
+│   ├── integrations/
+│   │   └── discord.js       # Discord webhook notifications
 │   ├── delivery/
 │   │   └── comment.js       # PR comment delivery
 │   └── utils/
 │       ├── logger.js        # Logging utilities
-│       ├── retry.js         # API retry logic
+│       ├── retry.js         # API retry logic (exponential backoff)
 │       ├── branch.js        # Branch detection (multi-platform)
-│       └── mermaid.js       # SVG rendering + GitHub URL handling
-├── tests/                   # Vitest test suite
+│       ├── validate.js      # Configuration validation & security
+│       ├── metrics.js       # Documentation coverage & health scoring
+│       ├── rate-limit.js    # Token bucket rate limiter for APIs
+│       ├── secrets.js       # Secret detection & sanitization
+│       ├── telemetry.js     # Opt-in error tracking (Sentry)
+│       └── update-check.js  # Version update notifications
+├── tests/                   # Vitest test suite (90 tests across 11 files)
 ├── .repolens.yml            # Dogfooding config
 ├── package.json
 ├── CHANGELOG.md
@@ -803,13 +1152,13 @@ RepoLens uses automated GitHub Actions releases.
 ### Creating a Release
 
 ```bash
-# Patch version (0.2.0 → 0.2.1) - Bug fixes
+# Patch version (0.6.1 → 0.6.2) - Bug fixes
 npm run release:patch
 
-# Minor version (0.2.0 → 0.3.0) - New features
+# Minor version (0.6.1 → 0.7.0) - New features
 npm run release:minor
 
-# Major version (0.2.0 → 1.0.0) - Breaking changes
+# Major version (0.6.1 → 1.0.0) - Breaking changes
 npm run release:major
 
 # Push the tag to trigger workflow
@@ -817,10 +1166,11 @@ git push --follow-tags
 ```
 
 **What happens:**
-1. ✅ All tests run
-2. ✅ Package tarball created
-3. ✅ GitHub Release published
-4. ✅ Tarball attached as artifact
+1. ✅ Security audit runs (dependency audit + secret scanning)
+2. ✅ All tests run
+3. ✅ Package tarball created
+4. ✅ GitHub Release published with tarball attached
+5. ✅ npm package published to `@chappibunny/repolens`
 
 See [RELEASE.md](./RELEASE.md) for detailed workflow.
 
@@ -840,30 +1190,30 @@ RepoLens is currently in early access. v1.0 will open for community contribution
 
 ## 🗺️ Roadmap to v1.0
 
-**Current Status:** v0.2.0 — ~92% production-ready
+**Current Status:** v0.6.1 — Confluence Publisher & Team Features
 
 ### Completed ✅
 
-- [x] CLI commands: `init`, `doctor`, `publish`, `version`, `help`
+- [x] CLI commands: `init`, `doctor`, `publish`, `migrate`, `version`, `help`
 - [x] Config schema v1 with validation
 - [x] Auto-discovery of `.repolens.yml`
-- [x] Publishers: Notion + Markdown
+- [x] Publishers: Notion + Confluence + Markdown
 - [x] Branch-aware publishing with filtering
 - [x] Smart tech stack detection from package.json
-- [x] Dependency graphs with actual module relationships
-- [x] Visual diagrams with optional SVG rendering
-- [x] GitHub Actions automation
+- [x] Unicode dependency diagrams (no external deps)
+- [x] AI-assisted documentation intelligence (provider-agnostic)
+- [x] Business domain inference & data flow analysis
+- [x] GitHub Actions automation (publish + release)
 - [x] PR architecture diff comments
 - [x] Performance guardrails (10k warning, 50k limit)
-- [x] Comprehensive test suite (32 tests)
-- [x] Interactive mermaid-cli installation
-
-### In Progress 🚧
-
-- [ ] Production stability validation
-- [ ] Enhanced error messages and debugging
-- [ ] Performance optimization for large repos
-- [ ] Additional framework detection (Remix, SvelteKit, Astro)
+- [x] Comprehensive test suite (90 tests across 11 files)
+- [x] Security hardening (secret detection, injection prevention, fuzzing)
+- [x] Discord notifications with rich embeds
+- [x] Documentation coverage & health scoring
+- [x] Opt-in telemetry (Sentry)
+- [x] npm registry publication (`@chappibunny/repolens`)
+- [x] Automated npm releases via GitHub Actions
+- [x] Workflow migration command (`repolens migrate`)
 
 ### Planned for v1.0 🎯
 
@@ -872,7 +1222,7 @@ RepoLens is currently in early access. v1.0 will open for community contribution
 - [ ] TypeScript type graph analysis
 - [ ] Interactive configuration wizard
 - [ ] Watch mode for local development
-- [ ] npm registry publication
+- [ ] Additional publishers (GitHub Wiki, Obsidian)
 
 See [ROADMAP.md](./ROADMAP.md) for detailed planning.
 
@@ -894,6 +1244,6 @@ MIT
 
 <div align="center">
 
-**Made with 🔍 for developers who care about architecture**
+**Made with ❤️ by RepoLens for developers who care about architecture**
 
 </div>