roast-my-codebase 1.0.0 → 1.2.0

package/README.md

@@ -114,24 +114,43 @@ npx roast-my-codebase --markdown-file  # Save to .roast-report.md
 ### Fully Supported
 - **JavaScript** (.js, .jsx, .mjs, .cjs)
 - **TypeScript** (.ts, .tsx)
-- **Python** (.py) - NEW! ✨
-  - Complexity analysis
-  - Type hints detection
-  - Import pattern analysis
+- **Python** (.py) — Complexity, type hints, imports, docstrings, security, class design
+- **Go** (.go) — Complexity, error handling, lint conventions
+- **Rust** (.rs) — Complexity, unsafe usage, clippy hints
+- **Java** (.java) — Complexity, code smells, naming conventions
+- **C#** (.cs) — Complexity, code smells, async patterns
+
+### Framework-Specific Checks
+
+| Framework | What's detected |
+|-----------|----------------|
+| **Next.js** | Missing metadata exports, server/client component misuse |
+| **React** | Missing error boundaries |
+| **Vue 3** | Options API in Vue 3, v-for without :key, deep watchers |
+| **Angular** | Missing OnPush strategy, direct DOM manipulation, untyped events |
+| **Svelte** | Reactive side effects, inaccessible buttons |
+| **Express** | Missing error middleware, no rate limiting, sync I/O in routes |
+| **FastAPI** | Missing response_model, sync endpoints, missing status codes |
+
+### Language-Specific Checks
+
+| Language | Scanners |
+|----------|----------|
+| Python | Cyclomatic complexity, type hints, imports, docstrings, code smells, security, class design |
+| Go | Complexity, ignored errors, panic usage, undocumented exports, init() |
+| Rust | Complexity, unsafe blocks, .unwrap() overuse, .clone() overuse, dead_code |
+| Java | Complexity, God classes, raw types, empty catches, System.out, naming |
+| C# | Complexity, God classes, #regions, async void, sync-over-async, empty catches |
 
 ### Universal Features (All Languages)
 - File size analysis
 - TODO/FIXME detection
-- Git insights
-- Security scans
+- Git insights (churn, PR size, stale branches)
+- Security scans (secrets, .env in git, eval)
+- Test coverage gaps
+- Framework best practices (Next.js, React)
 
-### Coming Soon
-- Go (.go)
-- Rust (.rs)
-- Java (.java)
-- C# (.cs)
-
-Language detection is automatic! The tool detects your project's languages and runs appropriate scanners.
+Language detection is automatic! The tool detects your project's languages via package files and runs appropriate scanners.
 
 ## Design principles
 
@@ -265,7 +284,12 @@ roast-my-codebase --interactive
 - ✅ Remove unused dependencies (`npm uninstall`)
 - ✅ Add issue references to TODO comments
 - ✅ Remove dead exports
-- 🔜 More fixes coming soon!
+- ✅ Add `'use client'` directive to Next.js components
+- ✅ Add missing metadata export to Next.js pages
+- ✅ Add `.env` files to `.gitignore`
+- ✅ Upgrade `@ts-ignore` to `@ts-expect-error`
+- ✅ Create skeleton test files for untested source files
+- ✅ Add secret files to `.gitignore`
 
 **Example session:**
 ```
@@ -289,7 +313,25 @@ Unused dependency `lodash` is installed but never imported
   Exit interactive mode
 ```
 
-### Watch Mode
+### HTML Report
+```bash
+roast-my-codebase --html-file
+```
+- Saves `.roast-report.html` — a beautiful standalone HTML report
+- Dark theme, SVG health gauge, sortable findings table, severity chart
+- Fully self-contained (no CDN, works offline)
+- Perfect for sharing with the team
+
+# Incremental Scanning
+```bash
+roast-my-codebase --incremental      # Only changed files since last commit
+roast-my-codebase --since main       # Only files changed since branching from main
+```
+- Dramatically faster on large repos — only scans changed files
+- Global findings (circular deps, excessive dependencies) are always shown
+- Falls back to full scan if not in a git repository
+
+# Watch Mode
 ```bash
 roast-my-codebase --watch
 ```