Add Mintlify documentation with Maple theme

[omsherikar]

• Set up Mintlify docs with Maple theme and emerald color scheme
• Added comprehensive documentation pages for all features
• Configured Space Grotesk font for modern typography
• Added 8-step workflow guide (login -> init -> repo -> analyze -> suggest -> refactor -> report -> rollback)
• Created API reference, CLI reference, guides, and advanced topics
• Added social media links (GitHub, X, LinkedIn, Discord)
• Migrated content from existing documentation to MDX format

Pull Request

📋 Description

A clear and concise description of what this PR does.

🔗 Related Issue

Closes #(issue number)

🧪 Type of Change

• 🐛 Bug fix (non-breaking change which fixes an issue)
• ✨ New feature (non-breaking change which adds functionality)
• 💥 Breaking change (fix or feature that would cause existing functionality to not work as expected)
• 📚 Documentation update
• 🧪 Test update
• 🔧 Refactoring (no functional changes)
• ⚡ Performance improvement
• 🎨 Style/formatting changes
• 🔒 Security update

🧪 Testing

• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• I have tested this change manually
• I have tested on multiple Python versions (3.8, 3.9, 3.10, 3.11, 3.12)

📝 Changes Made

• Change 1
• Change 2
• Change 3

🎯 Code Quality

• My code follows the project's style guidelines
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works

📚 Documentation

• I have updated the README.md if needed
• I have updated the API documentation if needed
• I have added/updated docstrings for new functions
• I have updated the CHANGELOG.md if needed

🔒 Security

• I have considered the security implications of my changes
• I have not introduced any security vulnerabilities
• I have followed secure coding practices

🚀 Performance

• I have considered the performance implications of my changes
• I have not introduced any performance regressions
• I have optimized critical paths if applicable

📋 Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published

🎨 Screenshots (if applicable)

Add screenshots to help explain your changes.

📋 Additional Notes

Add any other context about the PR here.

🔍 Reviewers

@omsherikar - Please review this PR

🏷️ Labels

Please add appropriate labels to this PR:

• bug - Bug fix
• enhancement - New feature
• documentation - Documentation update
• dependencies - Dependency update
• security - Security update
• performance - Performance improvement
• refactoring - Code refactoring
• testing - Test updates
• breaking-change - Breaking change
• good-first-issue - Good for new contributors
• help-wanted - Help needed
• priority-high - High priority
• priority-medium - Medium priority
• priority-low - Low priority

Summary by CodeRabbit

• Documentation
  • Added comprehensive documentation covering installation, configuration, and authentication workflows.
  • New guides for code analysis, refactoring, pattern learning, AI-powered features, and CI/CD integration.
  • Complete API reference documentation for core functionality and modules.
  • Added troubleshooting guides, FAQ, performance optimization documentation, and changelog.

[coderabbitai]

📝 Walkthrough

Walkthrough

Comprehensive documentation expansion for Refactron across user guides, API references, and internal documentation. Adds getting started materials, configuration guides, feature documentation, CLI and API references, and architectural documentation. Removes legacy configuration files and static homepage.

Changes

Cohort / File(s)	Summary
Site Configuration & Homepage docs/_config.yml, docs/index.html, docs/docs.json	Removed Jekyll config and static homepage; added new docs.json with site metadata, navigation structure, theme configuration, and footer links.
Getting Started & Introduction docs/introduction.mdx, docs/quickstart.mdx, docs/essentials/installation.mdx	Added introductory overview with key features, quick start workflow with multi-step instructions, and installation guide with requirements, troubleshooting, and dependency management.
Essentials & Configuration docs/essentials/authentication.mdx, docs/essentials/configuration.mdx	Added authentication workflows for CLI login and API keys, plus comprehensive configuration guide for .refactron.yaml with analyzers, refactorers, thresholds, and environment-specific settings.
User Guides docs/guides/code-analysis.mdx, docs/guides/refactoring.mdx, docs/guides/pattern-learning.mdx, docs/guides/ai-features.mdx	Added detailed guides covering static analysis capabilities and filtering, refactoring workflows with rollback, pattern learning system with feedback mechanisms, and AI-powered features including RAG and LLM integration.
Advanced Topics docs/advanced/ci-cd.mdx, docs/advanced/monitoring.mdx, docs/advanced/performance.mdx	Added CI/CD integration templates for GitHub Actions/GitLab CI/pre-commit, production monitoring and telemetry configuration, and performance optimization features (AST caching, incremental analysis, parallel processing).
CLI & API References docs/cli/commands.mdx, docs/api-reference/overview.mdx, docs/api-reference/refactron-class.mdx	Added comprehensive CLI command reference with usage syntax and examples, Python API overview with quick start and configuration details, and detailed Refactron class API documentation with methods and examples.
Resources docs/resources/changelog.mdx, docs/resources/faq.mdx	Added release history from v0.1.0-beta to v1.0.15, and comprehensive FAQ covering general usage, installation, AI features, pattern learning, and troubleshooting.
Internal Architecture Documentation documentation/docs/ARCHITECTURE.md, documentation/docs/TUTORIAL.md, documentation/docs/CODE_OF_CONDUCT.md, documentation/docs/SECURITY.md	Added architecture overview documenting components and design principles, extended tutorial with AI-powered features section, contributor code of conduct, and comprehensive security policy with vulnerability reporting procedures.
Internal Changelog & References documentation/docs/CHANGELOG.md, documentation/docs/QUICK_REFERENCE.md, documentation/docs/CLI_REFERENCE.md	Added structured changelog across v0.0.1 to v1.0.15, expanded quick reference with new AI and CI/CD commands, and comprehensive CLI reference with all command variants and options.
Integration Guides documentation/docs/LLM_RAG_INTEGRATION.md, documentation/docs/PATTERN_LEARNING.md, documentation/docs/PERFORMANCE_OPTIMIZATION.md	Added LLM & RAG integration guide outlining components and workflows, updated pattern learning with AI-powered insights, and fixed HTML escape sequences in performance optimization documentation.
Detailed API Documentation documentation/docs/api/core.md, documentation/docs/api/analyzers.md, documentation/docs/api/refactorers.md, documentation/docs/api/autofix.md, documentation/docs/api/patterns.md, documentation/docs/api/rag.md, documentation/docs/api/llm.md, documentation/docs/api/cicd.md	Added comprehensive API documentation covering core package (analysis, configuration, models), built-in analyzers, refactorers, autofix engine with concrete fixers, pattern learning system with learner/matcher/ranker, RAG system with chunker/parser/indexer/retriever, LLM orchestration, and CI/CD integration utilities.
Release Documentation documentation/docs/v1.0.15_DETAILED_CHANGELOG.md, documentation/docs/v1.0.15_RELEASE_NOTES.md	Added detailed v1.0.15 changelog documenting CLI refactor, new semantic intelligence features, repository management, observability metrics, and CI/CD integration with backward compatibility notes. Added release notes highlighting new features and improvements.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

documentation, ci-cd, size: x-large

Poem

🐰 Hops with glee through docs so bright,
Pages dance in pure delight,
Guides and APIs, all aligned,
Knowledge carefully refined,
Refactron now speaks crystal clear! ✨📚

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately summarizes the main objective: adding Mintlify documentation with Maple theme, which is the primary change across all modified files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/mintlify-documentation

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This pull request adds comprehensive Mintlify documentation with a Maple theme for Refactron. The PR migrates existing documentation from the documentation/docs/ directory into a new Mintlify-based documentation system with improved navigation, modern UI components (accordions, card groups, tabs), and an emerald color scheme with Space Grotesk typography.

Changes:

• Set up Mintlify documentation framework with Maple theme configuration
• Created complete documentation structure with Getting Started, Essentials, Guides, CLI Reference, API Reference, Advanced, and Resources sections
• Migrated and reformatted content from existing Markdown files to MDX format
• Added interactive documentation components (accordions, cards, code groups)
• Configured social media links and contextual AI integration options

Reviewed changes

Copilot reviewed 40 out of 55 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
docs/docs.json	Mintlify configuration with theme, colors, navigation structure, and social links
docs/introduction.mdx	Main landing page with feature overview and navigation cards
docs/quickstart.mdx	Quick start guide with 8-step workflow and code examples
docs/essentials/*.mdx	Installation, configuration, and authentication guides
docs/guides/*.mdx	Comprehensive guides for code analysis, refactoring, AI features, and pattern learning
docs/cli/commands.mdx	Complete CLI command reference with examples
docs/api-reference/*.mdx	Python API documentation and class references
docs/advanced/*.mdx	Advanced topics: performance, monitoring, CI/CD integration
docs/resources/*.mdx	FAQ and changelog
documentation/docs/*.md	Migrated release notes, changelogs, and technical documentation

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Extra spaces in changelog: "refactorers (6 total ):" has double spaces before the closing parenthesis. Should be "refactorers (6 total):"

Suggested change

	**Refactorers** (6 total ):
	**Refactorers** (6 total):

[Copilot]

Typo in method name: "detect_project_root ()" has an extra space before the parentheses. Should be "detect_project_root()"

Suggested change

	### detect_project_root ()
	### detect_project_root()

[Copilot]

Typo in command: "ref actron" should be "refactron"

Suggested change

	ref actron refactor myfile.py --type extract_constant
	refactron refactor myfile.py --type extract_constant

[Copilot]

Spacing issue: missing space between "my" and "project/" - should be "refactron report myproject/" not "refactron report my project/"

Suggested change

	refactron report my project/ --format html -o report.html
	refactron report myproject/ --format html -o report.html

[coderabbitai]

Actionable comments posted: 5

Note

Due to the large number of review comments, Critical, Major severity comments were prioritized as inline comments.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

documentation/docs/PATTERN_LEARNING.md (2)

480-489: ⚠️ Potential issue | 🟡 Minor

batch_learn example passes wrong argument type.

Per the API reference in patterns.md, batch_learn expects List[Tuple[RefactoringOperation, RefactoringFeedback]], but this example passes the raw output of storage.load_feedback(), which returns List[RefactoringFeedback]. This will confuse users.

Suggested fix

-# Load pending feedback
-feedback_list = storage.load_feedback()
-
-# Batch learn
-learner.batch_learn(feedback_list)
+# Build (operation, feedback) tuples for batch learning
+feedback_list = [
+    (operation, feedback)
+    for operation, feedback in zip(operations, feedbacks)
+]
+learner.batch_learn(feedback_list)

---

540-558: ⚠️ Potential issue | 🟡 Minor

GitHub Actions example uses outdated action versions (v2).

actions/checkout and actions/setup-python are at v4. Using v2 in documentation examples can lead users to adopt deprecated versions.

Suggested fix

-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4

-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v4

🤖 Fix all issues with AI agents

In `@docs/api-reference/overview.mdx`:
- Around line 233-245: The example implements the wrong analyzer method and
signature: replace MyCustomAnalyzer.analyze_file with the required BaseAnalyzer
method analyze and match its types (analyze(self, file_path: Path, source_code:
str) -> List[CodeIssue]) so the framework recognizes your analyzer; update the
example to import or reference Path and CodeIssue types and ensure the return is
a List[CodeIssue], then keep the usage
(refactron.analyzers.append(MyCustomAnalyzer())) the same.

In `@docs/essentials/authentication.mdx`:
- Around line 143-149: Update the inaccurate security claim in the
Authentication docs: change the sentence that says "Tokens are stored securely
in your system keychain" to accurately describe how credentials are currently
persisted (plain file under ~/.refactron/ with 0600 permissions as implemented
in refactron.core.credentials) and add a note that OS keychain integration is a
planned future enhancement; ensure the revised text references the current
storage location and permission model and removes the incorrect keychain
assertion.

In `@docs/guides/ai-features.mdx`:
- Around line 220-227: Replace the literal api_key entry in the YAML example in
docs/guides/ai-features.mdx with an environment-variable reference (follow the
same Groq pattern used elsewhere) so users are guided to set the key via env
vars instead of committing secrets; update the llm block (the `provider:
custom`, `endpoint`, and `api_key` example) to show something like referencing
an env var name (e.g., REFRACTRON_LLM_API_KEY) and add a short note telling
readers to set that env var in their environment or CI.

In `@documentation/docs/api/analyzers.md`:
- Around line 40-41: The docs show CPython-internal types (pathlib._local.Path)
in analyzer method signatures; update the documentation generator to normalize
private module class names to their public equivalents so signatures use
pathlib.Path. Specifically, modify the generator logic that formats type
annotations (affecting BaseAnalyzer.analyze, BaseAnalyzer.parse_astroid, and the
same methods on CodeSmellAnalyzer, ComplexityAnalyzer, DeadCodeAnalyzer,
DependencyAnalyzer, PerformanceAnalyzer, SecurityAnalyzer, and TypeHintAnalyzer)
to replace occurrences of "pathlib._local.Path" with "pathlib.Path" (and apply
the same normalization for other private-to-public mappings across
refactorers.md, patterns.md, core.md, cicd.md, and autofix.md). Ensure the
normalization runs before rendering so all 16 occurrences in analyzers.md (and
similar occurrences in other docs) are corrected.

In `@documentation/docs/CODE_OF_CONDUCT.md`:
- Around line 61-63: Replace the placeholder "[INSERT CONTACT EMAIL]" in
CODE_OF_CONDUCT.md with the project's actual reporting address (for example
"conduct@refactron.dev" or the designated maintainer contact) so the enforcement
stanza is actionable; search for the literal string "[INSERT CONTACT EMAIL]" in
the document and update it to the final contact email used for incident reports.

🟡 Minor comments (21)

documentation/docs/CLI_REFERENCE.md-401-421 (1)

401-421: ⚠️ Potential issue | 🟡 Minor

Contradictory default host for serve-metrics.

Line 411 example comment says # Start on 0.0.0.0:9090 but Line 416-417 describes the default as 127.0.0.1 for localhost-only. One of these is wrong — please verify and correct.

This matters for security: 0.0.0.0 binds to all interfaces (network-exposed), while 127.0.0.1 is localhost-only.

docs/resources/changelog.mdx-132-132 (1)

132-132: ⚠️ Potential issue | 🟡 Minor

Typo: extra whitespace in (6 total ).

There are two extra spaces before the closing parenthesis.

✏️ Fix

-**Refactorers** (6 total  ):
+**Refactorers** (6 total):

documentation/docs/CHANGELOG.md-356-361 (1)

356-361: ⚠️ Potential issue | 🟡 Minor

Placeholder GitHub URLs need to be updated.

Lines 358 and 361 reference https://github.com/yourusername/refactron which is a template placeholder. These should point to the actual repository.

✏️ Fix

-- [GitHub Repository](https://github.com/yourusername/refactron)
+- [GitHub Repository](https://github.com/Refactron-ai/Refactron_lib)
 - [Documentation](README.md)
 - [Contributing Guide](CONTRIBUTING.md)
-- [Issue Tracker](https://github.com/yourusername/refactron/issues)
+- [Issue Tracker](https://github.com/Refactron-ai/Refactron_lib/issues)

documentation/docs/CHANGELOG.md-313-320 (1)

313-320: ⚠️ Potential issue | 🟡 Minor

Version History table is missing recent versions.

The table only lists versions up to 1.0.1, omitting 1.0.13, 1.0.14, and 1.0.15 which are all documented above. This is inconsistent with the docs/resources/changelog.mdx which includes all versions in its summary table.

✏️ Add missing entries

 | Version | Date | Status | Highlights |
 |---------|------|--------|------------|
+| 1.0.15 | 2026-02-08 | **Stable** | AI/LLM integration, RAG system |
+| 1.0.14 | 2026-01-30 | **Stable** | CLI improvements |
+| 1.0.13 | 2026-01-30 | **Stable** | Pattern learning, performance |
 | 1.0.1 | 2025-12-28 | **Stable** | Expanded analyzers, false positive reduction, performance analyzer, improved test coverage |

docs/api-reference/refactron-class.mdx-222-222 (1)

222-222: ⚠️ Potential issue | 🟡 Minor

Extraneous space in method heading.

### detect_project_root () has a space before the parentheses. Should be ### detect_project_root().

Proposed fix

-### detect_project_root ()
+### detect_project_root()

docs/api-reference/refactron-class.mdx-106-108 (1)

106-108: ⚠️ Potential issue | 🟡 Minor

Example references non-existent RefactorResult attributes.

Based on the API reference in documentation/docs/api/core.md, RefactorResult has applied (bool) and operations but no success or backup_path attributes. This example will mislead users.

Proposed fix

-if result.success:
-    print(f"Applied {len(result.operations)} refactorings")
-    print(f"Backup: {result.backup_path}")
+if result.applied:
+    print(f"Applied {len(result.operations)} refactorings")

documentation/docs/TUTORIAL.md-18-18 (1)

18-18: ⚠️ Potential issue | 🟡 Minor

Broken link fragment — anchor mismatch with heading.

The link [AI-Powered Features (v1.0.15)](#ai-powered-features) won't resolve because the heading on Line 226 (## AI-Powered Features (v1.0.15)) generates an anchor like #ai-powered-features-v1015. Update the fragment to match, or simplify the heading to ## AI-Powered Features so the anchor matches.

Proposed fix (option A: fix the link)

-6. [AI-Powered Features (v1.0.15)](`#ai-powered-features`)
+6. [AI-Powered Features (v1.0.15)](`#ai-powered-features-v1015`)

Proposed fix (option B: simplify the heading)

-## AI-Powered Features (v1.0.15)
+## AI-Powered Features

documentation/docs/LLM_RAG_INTEGRATION.md-80-84 (1)

80-84: ⚠️ Potential issue | 🟡 Minor

Documentation generation command is inconsistent with other docs.

This page uses refactron docs generate myfile.py (line 81), but QUICK_REFERENCE.md documents it as refactron document <path>, and the detailed changelog lists it under the refactor.py module as document. Please align on the canonical command name.

documentation/docs/api/patterns.md-403-403 (1)

403-403: ⚠️ Potential issue | 🟡 Minor

pathlib._local.Path is an internal CPython type; use pathlib.Path in public docs.

Throughout this file (e.g., lines 403, 411, 475, 483, 638, 646, 695, 709, etc.), type signatures reference pathlib._local.Path. This is a CPython implementation detail (introduced when pathlib internals were reorganized) and not the public API users should reference. The documented type should be pathlib.Path.

Example fix (apply to all occurrences)

-ProjectPatternProfile(project_id: str, project_path: pathlib._local.Path, ...
+ProjectPatternProfile(project_id: str, project_path: pathlib.Path, ...

documentation/docs/QUICK_REFERENCE.md-43-44 (1)

43-44: ⚠️ Potential issue | 🟡 Minor

QUICK_REFERENCE.md uses incorrect CI/CD command name.

Line 44 documents the command as refactron ci <github|gitlab|pre-commit>, but the authoritative CLI_REFERENCE.md (lines 176-187) specifies the actual command as refactron generate-cicd {github|gitlab|pre-commit|all}. Update QUICK_REFERENCE.md line 44 to use the correct command name refactron generate-cicd.

docs/advanced/monitoring.mdx-93-99 (1)

93-99: ⚠️ Potential issue | 🟡 Minor

Default port inconsistency with CLI reference.

This page states the default port for serve-metrics is 9090 (Line 94), but docs/cli/commands.mdx (Line 400) documents the default as 8000. These need to be aligned to avoid user confusion.

docs/cli/commands.mdx-512-512 (1)

512-512: ⚠️ Potential issue | 🟡 Minor

Typo: ref actron should be refactron.

Proposed fix

-ref actron refactor myfile.py --type extract_constant
+refactron refactor myfile.py --type extract_constant

docs/quickstart.mdx-172-183 (1)

172-183: ⚠️ Potential issue | 🟡 Minor

Code block language mismatch: JSON content labeled as Python.

This tab contains a JSON object but uses the python language identifier. This will produce incorrect syntax highlighting and may confuse readers who expect Python code.

Proposed fix

-```python Python API
+```json Python API
 {
   "files_analyzed": 25,

docs/cli/commands.mdx-107-107 (1)

107-107: ⚠️ Potential issue | 🟡 Minor

Typo: stray space in path my project/.

All other examples in this file use myproject/ without a space. This is likely a typo that would cause a shell argument-splitting issue if copy-pasted without quoting.

Proposed fix

-refactron report my project/ --format html -o report.html
+refactron report myproject/ --format html -o report.html

docs/api-reference/overview.mdx-180-188 (1)

180-188: ⚠️ Potential issue | 🟡 Minor

Update class name in documentation to match codebase.

Line 181 documents the class as Issue, but the actual class in refactron/core/models.py is named CodeIssue. Update the example to use the correct name to prevent users from implementing against outdated documentation.

documentation/docs/ARCHITECTURE.md-361-364 (1)

361-364: ⚠️ Potential issue | 🟡 Minor

Update broken documentation links in ARCHITECTURE.md.

The referenced documentation links are incorrect:

• docs/api.md does not exist; the new API documentation is at docs/api-reference/overview.mdx
• CONTRIBUTING.md and examples/ exist at the repository root, but from documentation/docs/ARCHITECTURE.md they require the relative path prefix ../../

Update lines 362-364 to use correct relative paths or absolute references:

- [API Documentation](../../docs/api-reference/overview.mdx)
- [Contributing Guide](../../CONTRIBUTING.md)
- [Examples](../../examples/)

docs/advanced/monitoring.mdx-143-152 (1)

143-152: ⚠️ Potential issue | 🟡 Minor

Fix cli/commands.mdx to use flag-based syntax instead of subcommands.

The actual CLI implementation (refactron/cli.py lines 1971-2003) uses flag-based syntax (--enable, --disable, --status), which monitoring.mdx correctly documents. Update cli/commands.mdx lines 413-433 to show:

• refactron telemetry --status (not refactron telemetry status)
• refactron telemetry --enable (not refactron telemetry enable)
• refactron telemetry --disable (not refactron telemetry disable)

docs/docs.json-70-83 (1)

70-83: ⚠️ Potential issue | 🟡 Minor

Fix favicon path format and consider separate dark-mode logo.

Two issues:

1. Favicon path is missing the leading slash. Per Mintlify documentation, static asset paths should be root-relative (e.g., /logo/logo.svg). This is inconsistent with the logo paths that correctly use /logo/logo.png.
2. Light and dark logos reference the same file. If the logo design doesn't have sufficient contrast on dark backgrounds, provide a separate dark-mode variant.

Proposed fix for path consistency

-  "favicon": "logo/logo.svg",
+  "favicon": "/logo/logo.svg",

docs/advanced/ci-cd.mdx-113-123 (1)

113-123: ⚠️ Potential issue | 🟡 Minor

Invalid code block language identifier for pre-commit config.

Line 113 uses .pre-commit-config.yaml as the code fence language, which isn't a valid identifier. This should be yaml with the filename shown separately or as a Mintlify annotation.

Proposed fix

-```.pre-commit-config.yaml
+```yaml .pre-commit-config.yaml

docs/advanced/ci-cd.mdx-57-65 (1)

57-65: ⚠️ Potential issue | 🟡 Minor

Exit code capture pattern is fragile.

The || pattern on Line 60 means exit_code is only set when the command fails; on success, exit_code is unset and the if on Line 61 would error or behave unexpectedly. A more robust pattern:

Proposed fix

 - name: Analyze Code
   run: |
-    refactron analyze . --log-format json || exit_code=$?
-    if [ $exit_code -eq 1 ]; then
+    refactron analyze . --log-format json; exit_code=$?
+    if [ "$exit_code" -eq 1 ]; then
       echo "Critical issues found!"
       exit 1
     fi

docs/advanced/ci-cd.mdx-41-46 (1)

41-46: ⚠️ Potential issue | 🟡 Minor

Outdated GitHub Actions versions in example workflows.

The examples reference actions/checkout@v2, actions/setup-python@v2 (Lines 41, 44), and actions/cache@v2 (Line 150). These are significantly outdated — current versions are v4, v5, and v4 respectively. Users copying these templates will get deprecation warnings from GitHub.

Proposed fix

-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       
       - name: Set up Python
-        uses: actions/setup-python@v2
+        uses: actions/setup-python@v5
         with:
-          python-version: '3.9'
+          python-version: '3.12'

And at Line 150:

-    - uses: actions/cache@v2
+    - uses: actions/cache@v4

🧹 Nitpick comments (15)

documentation/docs/PERFORMANCE_OPTIMIZATION.md (2)

206-206: HTML entity < is unnecessary in a plain Markdown file.

In .md files, <10 renders correctly without escaping. The < entity is typically needed in MDX/JSX contexts. Since this is a .md file, you can use <10 directly.

Same applies to Line 291 (<1000).

✏️ Suggested fix

-- ❌ Small codebases (<10 files)
+- ❌ Small codebases (<10 files)

And at Line 291:

-### For Small Projects (<1000 files)
+### For Small Projects (<1000 files)

---

462-465: Documenting a private method (_cleanup_if_needed) in public-facing docs.

Line 464 references refactron.ast_cache._cleanup_if_needed(), which is a private/internal method. Exposing this in user-facing documentation couples users to an implementation detail that may change without notice.

Consider either omitting it or noting it as an internal/advanced API.

documentation/docs/CHANGELOG.md (1)

8-33: Inconsistent heading style for v1.0.15 entry.

The v1.0.15 entry uses ### v1.0.15 (2026-02-08) (h3, no brackets) while all other version entries use ## [x.y.z] - date (h2, with brackets). This breaks both the visual hierarchy and the Keep a Changelog link-reference convention.

Additionally, ### Changed on Line 29 is at the same heading level as ### v1.0.15, making it look like a sibling section rather than a subsection.

✏️ Suggested fix

-### v1.0.15 (2026-02-08)
+## [1.0.15] - 2026-02-08

-#### Added
+### Added
 ...
-#### Fixed
+### Fixed
 ...
-### Changed
+### Changed

documentation/docs/api/analyzers.md (2)

258-270: Inconsistent type annotation style for DependencyAnalyzer.

DependencyAnalyzer uses string-literal type hint 'RefactronConfig' and an explicit -> None return type on __init__, while every other analyzer uses the fully-qualified refactron.core.config.RefactronConfig without -> None. This inconsistency suggests the doc generation pulled from a differently-annotated source.

✏️ Normalize to match other analyzers

-DependencyAnalyzer(config: 'RefactronConfig') -> None
+DependencyAnalyzer(config: refactron.core.config.RefactronConfig)

-DependencyAnalyzer.__init__(self, config: 'RefactronConfig') -> None
+DependencyAnalyzer.__init__(self, config: refactron.core.config.RefactronConfig)

---

7-7: Empty ## Functions sections add noise.

Every analyzer module section has an empty ## Functions heading with no content beneath it (Lines 7, 67, 127, 187, 247, 307, 367, 427, 487). Consider removing these empty sections to reduce clutter, or populating them if there are module-level functions to document.

documentation/docs/SECURITY.md (1)

113-114: Security audit history may be stale.

The audit history table only contains entries from 2024-10-31. Consider updating this to reflect any more recent audits, or adding a note about the audit cadence, to maintain credibility of the security policy.

documentation/docs/api/core.md (2)

37-38: Internal type paths leak into public API docs.

Throughout this file, type annotations show pathlib._local.Path instead of pathlib.Path, and libcst._nodes.module.Module instead of libcst.Module. These are CPython implementation details exposed by the doc generator. Consider post-processing the generated output to normalize these to their public type names for readability.

This affects many signatures across the file (e.g., Lines 37, 69, 101, 120, 135, 445, 471, etc.).

---

757-787: Private helper functions exposed in public API documentation.

_normalize_base_url and _post_json are prefixed with _, indicating they are private implementation details. Public API documentation should typically exclude these to avoid confusing consumers and creating an implicit contract around internals.

documentation/docs/api/autofix.md (1)

265-281: Fixer __init__ docs show inherited params that don't match actual constructors.

For example, AddDocstringsFixer() signature shows no parameters, but the __init__ docstring describes name and risk_score params (inherited from BaseFixer). This pattern repeats for all 14 fixer classes. Consider having the doc generator suppress inherited parameter docs when the concrete class constructor doesn't accept them, to avoid confusing users.

documentation/docs/ARCHITECTURE.md (1)

9-25: Add a language specifier to the fenced code block.

The directory tree code block has no language tag, which triggers the MD040 lint rule. Use ```text or ```plaintext for non-code blocks.

Proposed fix

-```
+```text
 refactron/
 ├── core/                   # Core functionality

docs/essentials/installation.mdx (1)

39-41: Hardcoded version string will become stale.

The example output refactron, version 1.0.15 will need updating with each release. Consider using a placeholder like x.y.z or phrasing it as "You should see output similar to:" (which you already do on Line 37, so just update the version string to be generic).

documentation/docs/api/refactorers.md (2)

40-41: pathlib._local.Path exposes an internal module path in public docs.

All refactorer method signatures show pathlib._local.Path (e.g., Lines 40, 85, 130, 175, 220, 265) instead of the public pathlib.Path. This is an implementation detail (CPython internals) that will confuse users reading the API reference.

If this is auto-generated, consider configuring the doc generator to normalize internal paths to their public aliases. If manually authored, replace all occurrences with pathlib.Path.

---

7-8: Empty "Functions" sections add noise.

Every module section has an empty ## Functions block (Lines 7, 52, 97, 142, 187, 232, 277). If there are no module-level functions, consider removing these empty headings or suppressing them in the doc generator template.

docs/guides/pattern-learning.mdx (1)

57-63: Confusingly similar config keys: enable_pattern_learning vs pattern_learning_enabled.

These two option names (Lines 59-60) are nearly identical and the distinction between "master switch" and "learn from feedback" is subtle. If these mirror the actual config schema, consider adding a brief clarifying note or a table explaining the relationship (e.g., that pattern_learning_enabled is a sub-switch under enable_pattern_learning).

docs/guides/ai-features.mdx (1)

83-89: Hardcoded date in example output looks stale.

Line 87 shows Last updated: 2024-02-15 10:30:42. Consider using a more generic placeholder like 2025-01-15 or <timestamp> to avoid the example looking outdated.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find BaseAnalyzer class definition
echo "=== Finding BaseAnalyzer class definition ==="
find . -type f -name "*.py" | xargs grep -l "class BaseAnalyzer"

Repository: Refactron-ai/Refactron_lib

Length of output: 154

---

🏁 Script executed:

#!/bin/bash
# Check ARCHITECTURE.md around line 85
echo "=== Checking ARCHITECTURE.md ==="
fd "ARCHITECTURE.md" -t f | head -5

Repository: Refactron-ai/Refactron_lib

Length of output: 153

---

🏁 Script executed:

#!/bin/bash
# Search for analyze method in BaseAnalyzer
echo "=== Searching for analyze methods in BaseAnalyzer ==="
rg "def analyze" --type py -A 3 | head -30

Repository: Refactron-ai/Refactron_lib

Length of output: 1686

---

🏁 Script executed:

#!/bin/bash
# Read the BaseAnalyzer class
echo "=== BaseAnalyzer class definition ==="
cat -n ./refactron/analyzers/base_analyzer.py

Repository: Refactron-ai/Refactron_lib

Length of output: 1352

---

🏁 Script executed:

#!/bin/bash
# Read ARCHITECTURE.md around line 85
echo "=== ARCHITECTURE.md context around line 85 ==="
sed -n '75,95p' ./documentation/docs/ARCHITECTURE.md

Repository: Refactron-ai/Refactron_lib

Length of output: 475

---

Example code shows incorrect analyze_file method signature.

The example at lines 233-245 shows analyze_file(self, file_path, ast_tree), but the actual BaseAnalyzer interface requires analyze(self, file_path: Path, source_code: str) -> List[CodeIssue]. Users following this example will implement the wrong method name and parameter types, causing their custom analyzers to be ignored at runtime.

🤖 Prompt for AI Agents

In `@docs/api-reference/overview.mdx` around lines 233 - 245, The example
implements the wrong analyzer method and signature: replace
MyCustomAnalyzer.analyze_file with the required BaseAnalyzer method analyze and
match its types (analyze(self, file_path: Path, source_code: str) ->
List[CodeIssue]) so the framework recognizes your analyzer; update the example
to import or reference Path and CodeIssue types and ensure the return is a
List[CodeIssue], then keep the usage
(refactron.analyzers.append(MyCustomAnalyzer())) the same.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Inaccurate claim: tokens are NOT stored in system keychain.

The Security section claims "Tokens are stored securely in your system keychain," but per the refactron.core.credentials module documentation, credentials are stored in a plain file under ~/.refactron/ with 0600 permissions, with a note that "OS keychain integration can be added later." This discrepancy could mislead users about their security posture.

Proposed fix

 <Info>
   Refactron follows security best practices:
-  - Tokens are stored securely in your system keychain
+  - Tokens are stored in a user-only readable file (~/.refactron/) with restricted permissions
   - API keys are never logged or displayed
   - All communication uses HTTPS
   - Authentication tokens expire after 30 days
 </Info>

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	<Info>
	Refactron follows security best practices:
	- Tokens are stored securely in your system keychain
	- API keys are never logged or displayed
	- All communication uses HTTPS
	- Authentication tokens expire after 30 days
	</Info>
	<Info>
	Refactron follows security best practices:
	- Tokens are stored in a user-only readable file (~/.refactron/) with restricted permissions
	- API keys are never logged or displayed
	- All communication uses HTTPS
	- Authentication tokens expire after 30 days
	</Info>

🤖 Prompt for AI Agents

In `@docs/essentials/authentication.mdx` around lines 143 - 149, Update the
inaccurate security claim in the Authentication docs: change the sentence that
says "Tokens are stored securely in your system keychain" to accurately describe
how credentials are currently persisted (plain file under ~/.refactron/ with
0600 permissions as implemented in refactron.core.credentials) and add a note
that OS keychain integration is a planned future enhancement; ensure the revised
text references the current storage location and permission model and removes
the incorrect keychain assertion.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

API key in YAML config encourages insecure practices.

Line 225 shows api_key: your-key directly in .refactron.yaml. This encourages users to commit secrets to version control. Recommend using an environment variable reference instead, consistent with the Groq setup pattern on Line 42.

Proposed fix

     llm:
       provider: custom
       endpoint: https://your-llm-api.com/v1
-      api_key: your-key
+      # Set via environment variable:
+      # export CUSTOM_LLM_API_KEY='your-key'

🤖 Prompt for AI Agents

In `@docs/guides/ai-features.mdx` around lines 220 - 227, Replace the literal
api_key entry in the YAML example in docs/guides/ai-features.mdx with an
environment-variable reference (follow the same Groq pattern used elsewhere) so
users are guided to set the key via env vars instead of committing secrets;
update the llm block (the `provider: custom`, `endpoint`, and `api_key` example)
to show something like referencing an env var name (e.g.,
REFRACTRON_LLM_API_KEY) and add a short note telling readers to set that env var
in their environment or CI.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# Check how many occurrences of pathlib._local exist in the docs
rg -c 'pathlib\._local' documentation/docs/api/

Repository: Refactron-ai/Refactron_lib

Length of output: 289

---

🏁 Script executed:

# Also check the specific file and lines mentioned
wc -l documentation/docs/api/analyzers.md

Repository: Refactron-ai/Refactron_lib

Length of output: 109

---

🏁 Script executed:

# View the problematic section around lines 40-41
sed -n '35,50p' documentation/docs/api/analyzers.md

Repository: Refactron-ai/Refactron_lib

Length of output: 450

---

🏁 Script executed:

# Check if the file has auto-generation markers
head -20 documentation/docs/api/analyzers.md

Repository: Refactron-ai/Refactron_lib

Length of output: 276

---

🏁 Script executed:

# Sample a few more occurrences to see the pattern across different lines
rg -n 'pathlib\._local' documentation/docs/api/analyzers.md | head -20

Repository: Refactron-ai/Refactron_lib

Length of output: 2003

---

🏁 Script executed:

# Check if there's a docs generation script
find documentation -name "*.py" -o -name "*.sh" | grep -i gen

Repository: Refactron-ai/Refactron_lib

Length of output: 52

---

Type signatures expose CPython internal pathlib._local.Path — should be pathlib.Path.

All 16 occurrences in this file reference pathlib._local.Path, which is a CPython implementation detail (introduced in 3.12). User-facing docs should display the public type pathlib.Path. This affects all eight analyzer classes across both their analyze() and parse_astroid() method signatures:

• BaseAnalyzer (lines 40, 55)
• CodeSmellAnalyzer (lines 100, 115)
• ComplexityAnalyzer (lines 160, 175)
• DeadCodeAnalyzer (lines 220, 235)
• DependencyAnalyzer (lines 280, 295)
• PerformanceAnalyzer (lines 340, 355)
• SecurityAnalyzer (lines 400, 415)
• TypeHintAnalyzer (lines 460, 475)

This pattern also occurs across other API documentation files (refactorers.md, patterns.md, core.md, cicd.md, autofix.md). Identify and update the documentation generation source to normalize private module paths to their public equivalents.

✏️ Example fixes

-BaseAnalyzer.analyze(self, file_path: pathlib._local.Path, source_code: str) -> List[refactron.core.models.CodeIssue]
+BaseAnalyzer.analyze(self, file_path: pathlib.Path, source_code: str) -> List[refactron.core.models.CodeIssue]

-BaseAnalyzer.parse_astroid(self, source_code: str, file_path: Optional[pathlib._local.Path] = None) -> Any
+BaseAnalyzer.parse_astroid(self, source_code: str, file_path: Optional[pathlib.Path] = None) -> Any

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	BaseAnalyzer.analyze(self, file_path: pathlib._local.Path, source_code: str) -> List[refactron.core.models.CodeIssue]
	```
	BaseAnalyzer.analyze(self, file_path: pathlib.Path, source_code: str) -> List[refactron.core.models.CodeIssue]

🤖 Prompt for AI Agents

In `@documentation/docs/api/analyzers.md` around lines 40 - 41, The docs show
CPython-internal types (pathlib._local.Path) in analyzer method signatures;
update the documentation generator to normalize private module class names to
their public equivalents so signatures use pathlib.Path. Specifically, modify
the generator logic that formats type annotations (affecting
BaseAnalyzer.analyze, BaseAnalyzer.parse_astroid, and the same methods on
CodeSmellAnalyzer, ComplexityAnalyzer, DeadCodeAnalyzer, DependencyAnalyzer,
PerformanceAnalyzer, SecurityAnalyzer, and TypeHintAnalyzer) to replace
occurrences of "pathlib._local.Path" with "pathlib.Path" (and apply the same
normalization for other private-to-public mappings across refactorers.md,
patterns.md, core.md, cicd.md, and autofix.md). Ensure the normalization runs
before rendering so all 16 occurrences in analyzers.md (and similar occurrences
in other docs) are corrected.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Placeholder [INSERT CONTACT EMAIL] must be replaced with an actual contact address.

The enforcement section is not actionable without a real email for reporting incidents. Replace [INSERT CONTACT EMAIL] with the project's designated contact (e.g., conduct@refactron.dev or a maintainer's email).

✏️ Example fix

 reported to the community leaders responsible for enforcement at
-[INSERT CONTACT EMAIL].
+conduct@refactron.dev.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	Instances of abusive, harassing, or otherwise unacceptable behavior may be
	reported to the community leaders responsible for enforcement at
	[INSERT CONTACT EMAIL].
	Instances of abusive, harassing, or otherwise unacceptable behavior may be
	reported to the community leaders responsible for enforcement at
	conduct@refactron.dev.

🤖 Prompt for AI Agents

In `@documentation/docs/CODE_OF_CONDUCT.md` around lines 61 - 63, Replace the
placeholder "[INSERT CONTACT EMAIL]" in CODE_OF_CONDUCT.md with the project's
actual reporting address (for example "conduct@refactron.dev" or the designated
maintainer contact) so the enforcement stanza is actionable; search for the
literal string "[INSERT CONTACT EMAIL]" in the document and update it to the
final contact email used for incident reports.