feat: stability improvements

.github/workflows/dart.yml

@@ -17,7 +17,7 @@ jobs:
       - uses: actions/checkout@v5
       - uses: dart-lang/setup-dart@v1.6.5
         with:
-          sdk: '3.9.0'
+          sdk: '3.10.0'
 
       - name: ⛓ Install Dependencies
         run: dart pub get
@@ -28,5 +28,23 @@ jobs:
       - name: 📊 Analyze
         run: dart analyze --fatal-infos --fatal-warnings .
 
+      - name: 🧪 Run Tests
+        run: dart test --coverage=coverage
+
+      - name: 📈 Generate Coverage Report
+        run: |
+          dart pub global activate coverage
+          dart pub global run coverage:format_coverage \
+            --lcov \
+            --in=coverage \
+            --out=coverage/lcov.info \
+            --report-on=lib
+
+      - name: 📈 Upload Coverage
+        uses: codecov/codecov-action@v4
+        with:
+          files: coverage/lcov.info
+          fail_ci_if_error: false
+
       - name: 📊 Run Pana
         run: dart pub global activate pana && dart pub global run pana

.gitignore

@@ -4,6 +4,7 @@
 .dart_tool/
 .packages
 build/
+pubspec.lock
 
 # Files generated during tests
 .test_coverage.dart
@@ -21,6 +22,9 @@ coverage/
 
 # Project
 .gemini/
+GEMINI.md
+ROADMAP.md
+RULES_CATEGORIZATION.md
 
 # Custom
 code_examples/

.pubignore

@@ -1,2 +1,15 @@
+# Documentation (hosted separately)
 docs/
+docs.json
+
+# GitHub files
 .github/
+
+# CI/CD configuration
+codecov.yml
+
+# Tests (not needed for package consumers)
+test/
+
+# Internal tooling
+tool/

README.md

@@ -10,6 +10,7 @@
     </picture>
     <p>Dart-based security-focused code analyzer which analyzes your Dart code for potential security flaws.</p>
     <a href="https://github.com/yardexx/dart_shield/actions/workflows/dart.yml"><img src="https://github.com/yardexx/dart_shield/actions/workflows/dart.yml/badge.svg" alt="Pipelines: GitHub Actions"/></a>
+    <a href="https://codecov.io/gh/yardexx/dart_shield"><img src="https://codecov.io/gh/yardexx/dart_shield/branch/master/graph/badge.svg" alt="Coverage"/></a>
     <a href="https://pub.dev/packages/very_good_analysis"><img src="https://img.shields.io/badge/style-very_good_analysis-B22C89.svg" alt="Style: Very Good Analysis"></a>
     <a href="https://www.gitbook.com/preview?utm_source=gitbook_readme_badge&utm_medium=organic&utm_campaign=preview_documentation&utm_content=link"><img src="https://img.shields.io/static/v1?message=Documented%20on%20GitBook&logo=gitbook&logoColor=ffffff&label=%20&labelColor=5c5c5c&color=3F89A1"/>
 </a>
@@ -63,12 +64,8 @@ To initialize `dart_shield` in your project, run the following command:
 dart_shield init
 ```
 
-This command creates a `shield_options.yaml` file in the root of your project. This file contains
-the configuration for `dart_shield`, which will be used during the analysis (similar to
-`analysis_options.yaml`).
-
-If a shield_options.yaml file already exists in your project and you want to recreate it, use the
-`-f` or `--force` flag:
+This command updates your `analysis_options.yaml` file to include the `dart_shield` configuration.
+If the `dart_shield` section already exists and you want to recreate it, use the `-f` or `--force` flag:
 
 ```bash
 dart_shield init -f
@@ -87,51 +84,30 @@ dart_shield analyze .
 dart_shield analyze lib
 ```
 
-This command analyzes your Dart code based on the configuration in the shield_options.yaml file.
-If the configuration file is not found, the command will fail.
+This command analyzes your Dart code for security issues.
 
 # Configuration
 
-The `shield_options.yaml` file contains configuration options, primarily rules, for `dart_shield`.
-The configuration is similar to the `analysis_options.yaml` file, making it familiar to those who
-have
-used Dart analysis tools.
+Configuration is done through your `analysis_options.yaml` file using the `dart_shield` key.
+This approach follows Dart conventions and keeps all analysis configuration in one place.
 
-Example of the `shield_options.yaml` file:
+Example configuration in `analysis_options.yaml`:
 
 ```yaml
-# This is a sample configuration file for dart_shield.
-# ⚠️ Configuration file must be named `shield_options.yaml` and placed in the root of the project.
-
-# shield_options.yaml is file with structure similar to analysis_options.yaml and it defines the
-#  rules that dart_shield will use to analyze your code.
-
-# The `shield` key is required.
-shield:
-
-  # List of excluded files or directories from being analyzed
-  exclude:
-    # Exclude a file using path (path begins at the root of the project):
-    - 'lib/ignored.dart'
-    # Globs are also supported
-    - '**.g.dart'
-
-  # List of rules that dart_shield will use to analyze your code
-  rules:
-    - prefer_https_over_http.dart
-    - avoid_hardcoded_secrets
-
-  # Some rules need more fine-tuning and are marked as experimental.
-  # You can enable them by setting `enable_experimental` to `true`.
-  enable_experimental: true
-
-  # List of experimental rules that dart_shield will use to analyze your code
-  # ⚠️ Experimental rules are subject to change and may not be as stable as regular rules.
-  # ⚠️ Using "experimental_rules" without setting "enable_experimental" to "true" will cause an error.
-  experimental_rules:
-    - avoid_hardcoded_urls
-    - avoid_weak_hashing
-    - prefer_secure_random
+# Enable dart_shield as an analyzer plugin
+analyzer:
+  plugins:
+    - dart_shield
+
+# dart_shield configuration
+dart_shield:
+  analyzers:
+    code: true  # Enable code analysis
+
+  # Future options:
+  # exclude:
+  #   - 'lib/generated/**'
+  #   - '**.g.dart'
 ```
 
 # Rules