AI code reviewer that roasts your code with humor and honesty.
👉 Support us on Product Hunt | Get notified when we launch!
roast is a CLI tool that uses Claude to review your code and deliver feedback that's accurate, funny, and useful. Think Gordon Ramsay meets your senior developer.
Before:
You: "Is this code good?"
Brain: "Probably fine..."
*ships to production*
*everything breaks*
After:
$ roast bubble-sort.js🔥 Oh boy, bubble sort in 2026? What's next, a floppy disk driver?
🔥 This function mutates the input array. That's like borrowing
someone's car and returning it as a motorcycle.
💡 Use Array.prototype.toSorted() if you're on Node 20+
Real problems:
- Code reviews take days
- Teammates are too nice to be honest
- You're working solo with no feedback
- CI catches bugs after you commit
- Writing tests doesn't catch design issues
roast gives you instant, brutally honest feedback before you commit. Use roast mode for your own code, serious mode for team reviews.
| Feature | roast-cli | ESLint | SonarQube | GitHub Copilot |
|---|---|---|---|---|
| Setup time | 0 sec (npx) | Minutes | Hours | GitHub account |
| Personality | Gordon Ramsay 🔥 | Dry/technical | Corporate | Helpful AI |
| Entertainment | ✅ High | ❌ None | ❌ None | 🤷 Varies |
| Code quality | ✅ Real feedback | ✅ Strict rules | ✅ Deep analysis | ✅ Suggestions |
| Use case | Quick laugh + insight | Enforce standards | Team quality | Code assistance |
| Cost | Free | Free | Paid tiers | $10/mo |
Key Differentiator: We're the only tool that makes code review fun. Use us alongside your linter, not instead of it.
npm install -g @muin/roastOr run without installing:
npx @muin/roast your-file.jsGet your Anthropic API key at console.anthropic.com
export ANTHROPIC_API_KEY="your-key-here"Add to ~/.bashrc or ~/.zshrc to make it permanent.
roast src/app.jsOutput:
🔥 CODE ROAST 🔥
Victim: bubble-sort.js (JavaScript)
──────────────────────────────────────────────────
🔥 Oh boy, bubble sort in 2026? What's next, a floppy disk driver?
🔥 This function mutates the input array. That's like borrowing
someone's car and returning it as a motorcycle.
💡 Use Array.prototype.toSorted() if you're on Node 20+, or
at least clone the array first: const sorted = [...arr]
🔥 No input validation. Passing a string? Enjoy your runtime error.
✨ At least you got the algorithm right. It's bad, but it's
correctly bad.
──────────────────────────────────────────────────
Roasted with ❤️ by Claude
roast --serious src/app.jsOutput:
📋 Professional Code Review
File: api-handler.js (JavaScript)
──────────────────────────────────────────────────
🚨 No input sanitization on user data - SQL injection risk
⚠️ Synchronous file operations will block the event loop
💡 Consider using async/await with fs.promises
✅ Good error handling structure
──────────────────────────────────────────────────
roast --model claude-opus-4 src/app.jsJavaScript, TypeScript, Python, Go, Rust, Java, C, C++, Ruby, PHP, Swift, Kotlin, Shell, SQL, HTML, CSS, and more.
-s, --serious Professional review mode (no humor)
--severity <level> Roast severity: mild, medium, harsh (default: medium)
-m, --model <model> AI model to use (default: claude-sonnet-4-5)
--no-color Disable colors
-V, --version Output version
-h, --help Display help
Mild (😊 Be Nice Mode): Friendly, encouraging feedback. Perfect for beginners or when you want constructive criticism with a supportive tone.
roast --severity mild src/app.jsMedium (🔥 Default): Balanced mix of humor and criticism. Sarcastic but helpful, like a senior dev at code review.
roast src/app.js
# or explicitly:
roast --severity medium src/app.jsHarsh (💀 No Mercy): Brutally honest, savage roasts. Only use this if you can handle the truth. Gordon Ramsay mode.
roast --severity harsh src/app.js$ roast src/utils/array-helpers.js
🔥 CODE ROAST 🔥
Victim: array-helpers.js (JavaScript)
──────────────────────────────────────────────────
🔥 You wrote a custom array flatten function? Array.flat()
has been in JavaScript since 2019. ES2019 is not "too new."
🔥 uniqueArray uses indexOf in a loop - O(n²) complexity.
Set([...arr]) is O(n) and already built in.
💡 Half these functions are one-liners with modern JS:
flatten: arr.flat()
unique: [...new Set(arr)]
last: arr.at(-1)
✨ At least they work correctly. But you've essentially
reinvented lodash, poorly.
──────────────────────────────────────────────────$ roast --serious src/api/auth.ts
📋 Professional Code Review
File: auth.ts (TypeScript)
──────────────────────────────────────────────────
🚨 Password comparison using === instead of timing-safe compare
Risk: Timing attacks could leak password information
⚠️ JWT secret loaded from process.env without fallback check
Will crash on startup if JWT_SECRET is not set
💡 Consider using express-validator for input sanitization
✅ Good: Proper async/await usage throughout
✅ Good: TypeScript types are well-defined
⚠️ Token expiration set to 30 days - consider shorter duration
for sensitive operations
──────────────────────────────────────────────────$ cat suspicious-code.py | roast
🔥 CODE ROAST 🔥
Victim: stdin (Python)
──────────────────────────────────────────────────
🔥 eval() on user input? That's not a security vulnerability,
that's a welcome mat for hackers.
🔥 Bare except: catches everything including KeyboardInterrupt.
You can't even Ctrl+C out of this disaster.
🔥 Global variables modified inside functions with no documentation.
Reading this code is like a mystery novel where the butler did it,
but also the gardener, and maybe the protagonist.
💡 Use ast.literal_eval() for safe evaluation, or better yet,
json.loads() if you're parsing data.
──────────────────────────────────────────────────$ git diff src/payment-processor.js | roast --serious
📋 Professional Code Review
──────────────────────────────────────────────────
🚨 Changed error handling to swallow exceptions silently
Original code logged errors, new code hides them
⚠️ Removed input validation for transaction amount
Could now process negative or NaN values
🚨 API timeout increased from 5s to 60s
May cause cascading failures under load
Recommendation: These changes reduce system reliability.
Suggest reverting the exception handling changes.
──────────────────────────────────────────────────$ roast --model claude-opus-4 src/distributed-lock.go
🔥 CODE ROAST 🔥
Victim: distributed-lock.go (Go)
──────────────────────────────────────────────────
🔥 Your distributed lock implementation has a race condition
between checking and acquiring. Classic "check-then-act" bug.
🔥 Lock timeout is hardcoded to 10 seconds. Production load
spikes will turn this into a deadlock factory.
💡 Redis SETNX is atomic - use it directly instead of GET + SET.
Or better yet, use Redlock algorithm for multi-node safety.
🔥 Panic on Redis connection error. In distributed systems,
network failures are features, not exceptions.
✨ Good use of context for cancellation. That's the one part
that won't cause a 3 AM page.
──────────────────────────────────────────────────$ roast --severity mild beginner-script.py
😊 Friendly Code Review
Victim: beginner-script.py (Python)
──────────────────────────────────────────────────
💡 Great start! Your code works, which is the most important part.
💛 Small improvement: Instead of opening files without 'with',
try using context managers:
with open('file.txt', 'r') as f:
data = f.read()
This automatically closes the file for you!
💡 You're using global variables. As your program grows,
consider passing data as function parameters instead.
✨ Your variable names are clear and descriptive. Keep that up!
──────────────────────────────────────────────────$ roast --severity harsh legacy-spaghetti.php
💀 BRUTAL CODE ROAST 💀
Victim: legacy-spaghetti.php (PHP)
──────────────────────────────────────────────────
💀 This code is a war crime. The Geneva Convention should cover this.
💀 mysql_* functions were deprecated 11 years ago. This isn't
legacy code, it's a fossil.
💀 SQL injection vulnerabilities everywhere. You're concatenating
user input into queries like it's 1999. It was bad in 1999 too.
💀 Password stored in plaintext. Just... why? WHY?!
💀 4 levels of nested if statements with no clear logic. This is
a crime scene where the detective gave up and went home.
💀 Variable names like $a, $tmp, $data2. Were descriptive names
too expensive?
Reality check: This needs a complete rewrite. I'm not even sure
where to start. Maybe with fire.
──────────────────────────────────────────────────
Roasted with absolute honesty by Claude$ roast src/components/UserDashboard.tsx
🔥 CODE ROAST 🔥
Victim: UserDashboard.tsx (TypeScript/React)
──────────────────────────────────────────────────
🔥 850 lines in one component. This isn't a component, it's a
monolith. Break it down before it breaks you.
🔥 useEffect with 12 dependencies? That's not reactive programming,
that's chaos with extra steps.
💡 Extract at least 4 sub-components:
- UserHeader
- ActivityFeed
- SettingsPanel
- NotificationCenter
🔥 Inline styles everywhere instead of styled-components or CSS modules.
Your future self will hate present you.
✨ Props are properly typed. That's good! Now use that discipline
everywhere else.
──────────────────────────────────────────────────$ roast deploy.sh
🔥 CODE ROAST 🔥
Victim: deploy.sh (Shell)
──────────────────────────────────────────────────
🔥 No 'set -e' at the top. If step 1 fails, steps 2-10 will
still run and cause chaos.
🔥 rm -rf without any confirmation? Living dangerously, I see.
💡 Add error handling:
set -euo pipefail
This will:
- Exit on error (e)
- Fail on undefined variables (u)
- Catch errors in pipes (pipefail)
🔥 Hardcoded paths and credentials. Use environment variables:
${DB_HOST:-localhost}
✨ At least you have comments. That's rare for shell scripts.
──────────────────────────────────────────────────$ roast db/queries.sql
🔥 CODE ROAST 🔥
Victim: queries.sql (SQL)
──────────────────────────────────────────────────
🔥 SELECT * in production queries. Your DBA is crying somewhere.
List the exact columns you need.
🔥 No indexes on the WHERE clause columns. This will be fast now
with 100 rows. With 1,000,000 rows? Enjoy your 30-second queries.
💡 Add indexes:
CREATE INDEX idx_users_email ON users(email);
CREATE INDEX idx_orders_user_created ON orders(user_id, created_at);
🔥 LEFT JOIN without understanding why. If you need all rows from
both tables, that's a FULL JOIN (or you don't actually need all rows).
✨ Query is at least readable and properly formatted.
──────────────────────────────────────────────────$ roast src/main.rs
🔥 CODE ROAST 🔥
Victim: main.rs (Rust)
──────────────────────────────────────────────────
🔥 .unwrap() everywhere. You learned Rust yesterday, didn't you?
💡 Use proper error handling:
// Instead of:
let file = File::open("data.txt").unwrap();
// Use:
let file = File::open("data.txt")?;
// or
let file = File::open("data.txt")
.expect("Failed to open data.txt");
🔥 Cloning everything to avoid fighting the borrow checker.
That's like buying a sports car and only driving in first gear.
✨ You're using match instead of if-let. Good! Pattern matching
is the way.
💡 Learn lifetimes. They're scary at first, but they'll save you
from these clones.
──────────────────────────────────────────────────# About to commit that refactor you've been working on
$ git diff HEAD src/auth.js | roast
🔥 You're exporting the private key in plaintext? Bold strategy.
🔥 This regex will match "admin@evil.com" as a valid admin email.
Better tighten that up unless you're running a very open company.
💡 hash.compare() is async but you're not awaiting it. This will
always return true. Always. Every time. 100% authentication success rate!
# ...okay maybe I should test this first$ roast src/hotfix-do-not-touch.js
🔥 File name is literally "do-not-touch.js" - that's a red flag
wrapped in another red flag
🔥 You're catching errors and logging "it broke lol". When production
is on fire, your logs will just say "it broke lol" repeated 50,000 times.
🔥 This setTimeout is set to 86400000ms. That's 24 hours. Hope nobody's
waiting for this response.
✨ The actual logic is... fine? But please, for the love of debugging,
add better error messages.$ curl -s https://example.com/tutorial.js | roast
🔥 This tutorial is using var in 2026. It was written during the
Mesozoic Era and hasn't been updated since.
⚠️ jQuery is loaded from an HTTP URL. That's a mixed content warning
waiting to happen.
💡 Modern replacement using fetch() would be 10 lines and zero
dependencies. Just saying.# Just picked up Rust, wrote first program
$ roast hello.rs --serious
📋 Professional Code Review
──────────────────────────────────────────────────
✅ Proper error handling with Result type
⚠️ .unwrap() on line 8 will panic on error. Consider using
expect() with a meaningful message, or propagate with ?
💡 String ownership is correct, but you're cloning unnecessarily
on line 12. Use a reference: &user_name
✅ Good use of match for control flow
Overall: Solid first program. Remove the unwrap() and you're good to go.$ roast legacy/customer-import-final-v3-NEW-USE-THIS.php
🔥 Based on the filename, this has been "final" at least 3 times.
That's not a good sign.
🔥 mysql_connect() was deprecated in PHP 5.5 (2013) and removed in
PHP 7 (2015). This code is old enough to vote.
🔥 SQL query is concatenating user input directly. This is how
Little Bobby Tables drops your database.
🔥 No password hashing - passwords stored in plaintext. In the
event of a breach, this is "directly to jail, do not pass go" territory.
💡 Complete rewrite recommended. Start fresh with PDO and password_hash().
This is beyond roasting, this needs a Viking funeral.# Check if the new junior's code matches your style
$ roast --serious src/components/UserCard.jsx
📋 Professional Code Review
──────────────────────────────────────────────────
⚠️ Component is 450 lines long. Consider splitting into smaller pieces.
⚠️ Inline styles instead of CSS modules/styled-components
💡 Three useState hooks could be combined into useReducer
✅ Proper PropTypes definitions
✅ Good accessibility attributes (aria-labels, roles)
⚠️ useEffect missing dependency 'userId' - will cause stale closures
Recommendation: Works, but needs refactoring before it grows larger.Working alone? No team to review your code? roast fills that gap.
$ roast src/new-feature.jsBenefit: Catch bugs, security issues, and bad patterns before they hit production. Get a second pair of (AI) eyes on your work.
When to use:
- Before committing new features
- After refactoring
- When learning a new language/framework
- Before deploying to production
Picked up a new language? roast teaches by critiquing.
# First Python script
$ roast my_first_app.py
# First Rust program
$ roast --serious main.rsBenefit: Learn best practices, idioms, and common pitfalls by seeing them in your own code. Use --severity mild for encouragement while learning.
Add roast to your git hooks to enforce quality before commits.
# .git/hooks/pre-commit
#!/bin/bash
git diff --cached --name-only --diff-filter=ACM | \
grep -E '\.(js|ts|py|go)$' | \
xargs -I {} roast --serious {} || exit 1Benefit: Automate code quality checks. Catch issues before CI, before code review, before your team sees them.
Just joined a team with a large codebase? Use roast to understand patterns.
$ roast src/core/auth-handler.js --seriousThe AI will explain what the code does, highlight concerns, and suggest improvements. It's like having a senior dev walk you through the code.
Benefit: Faster onboarding. Understand existing patterns and anti-patterns.
Inherited a legacy project? Get an honest assessment of what you're dealing with.
$ roast legacy/modules/payment-v1.php --severity harshBenefit: Prioritize refactoring. Know what's salvageable and what needs rewriting.
Teaching someone to code? Show them what good vs. bad looks like.
# Student's code
$ roast student-assignment.py --severity mild
# Show them both roast and serious mode
$ roast --serious student-assignment.pyBenefit: Consistent, patient feedback. Teaches best practices without judgment.
Before requesting a PR review from teammates, run roast to catch obvious issues.
$ git diff main...feature-branch | roast --seriousFix the issues roast finds, THEN request human review.
Benefit: Don't waste teammates' time on trivial issues. Submit cleaner PRs. Build a reputation for quality.
Create shortcuts for frequent roast scenarios:
# Add to ~/.bashrc or ~/.zshrc
alias roast-js='roast --serious'
alias roast-diff='git diff | roast --serious'
alias roast-mild='roast --severity mild'
alias roast-harsh='roast --severity harsh'Now just type:
$ roast-diff # Review uncommitted changes
$ roast-js src/app.js # Serious reviewUse shell loops for bulk reviews:
# Review all JavaScript files in src/
for file in src/**/*.js; do
echo "=== $file ==="
roast --serious "$file"
done
# Or with find
find src -name "*.py" -exec roast --serious {} \;Save results:
for file in src/**/*.js; do
roast --serious "$file" > "reviews/$(basename $file).review.txt"
doneRoasting uses Anthropic's API. To reduce costs:
a) Review only changed files:
git diff --name-only | grep -E '\.(js|ts|py)$' | xargs -I {} roast {}b) Use haiku model for simple reviews (modify source code):
// In lib/roast.js, change:
model: 'claude-haiku-4-5' // Faster, cheaper, less detailedc) Review smaller code sections:
# Instead of entire 1000-line file
$ head -100 large-file.js | roastFor files you review repeatedly:
# Save review for later reference
$ roast src/utils.js > reviews/utils-2026-02-08.txt
# Compare with previous review
$ diff reviews/utils-2026-02-01.txt reviews/utils-2026-02-08.txtPre-commit hook (review before committing):
#!/bin/bash
# .git/hooks/pre-commit
git diff --cached --name-only | \
grep -E '\.(js|ts)$' | \
xargs -I {} roast --serious {}
read -p "Proceed with commit? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
exit 1
fiPre-push hook (final check before pushing):
#!/bin/bash
# .git/hooks/pre-push
git diff origin/main...HEAD --name-only | \
grep -E '\.(py|js|go)$' | \
xargs -I {} roast --serious {} > /tmp/pre-push-review.txt
cat /tmp/pre-push-review.txtUse GNU parallel for speed:
# Install: brew install parallel (macOS) or apt-get install parallel (Linux)
# Review all files in parallel (4 at a time)
find src -name "*.js" | parallel -j 4 roast --serious {} > reviews.txtDon't roast everything. Focus on:
New/changed files:
git diff --name-only main | xargs -I {} roast {}Complex files (high line count):
find src -name "*.js" -exec wc -l {} \; | \
sort -rn | head -10 | \
awk '{print $2}' | xargs -I {} roast {}Files with recent bugs (from git history):
git log --format=format: --name-only | \
sort | uniq -c | sort -rn | \
head -10 | awk '{print $2}' | \
xargs -I {} roast --serious {}Problem:
$ roast src/app.js
💥 Error: ANTHROPIC_API_KEY environment variable is requiredSolutions:
a) Set for current session:
export ANTHROPIC_API_KEY="sk-ant-your-key-here"b) Make it permanent (add to shell config):
# For bash
echo 'export ANTHROPIC_API_KEY="sk-ant-your-key"' >> ~/.bashrc
source ~/.bashrc
# For zsh
echo 'export ANTHROPIC_API_KEY="sk-ant-your-key"' >> ~/.zshrc
source ~/.zshrcc) Get your API key: Visit console.anthropic.com/settings/keys
Problem:
$ roast src/app.js
💥 Error: ENOENT: no such file or directorySolutions:
a) Check the file path:
$ ls -la src/app.js # Verify file existsb) Use absolute path:
$ roast /full/path/to/src/app.jsc) Check current directory:
$ pwd
$ roast ./src/app.jsProblem:
$ roast my-code.js
🔥 CODE ROAST 🔥
──────────────────────────────────────────────────
This code looks fine.
──────────────────────────────────────────────────Solutions:
a) File might be too small/simple:
# The code might genuinely be fine!
$ wc -l my-code.js # Check line countb) Language not detected. Rename file with proper extension:
$ mv script script.py # Add .py extension
$ roast script.pyc) Use verbose mode (if available) or try serious mode:
$ roast --serious my-code.jsProblem:
$ roast --severity extreme src/app.js
💥 Error: Invalid severity level: extreme
Valid options: mild, medium, harshSolutions:
a) Use valid severity:
$ roast --severity harsh src/app.jsb) Check available options:
$ roast --helpProblem:
$ npm install -g @muin/roast
$ roast src/app.js
zsh: command not found: roastSolutions:
a) Check npm global bin directory is in PATH:
$ npm config get prefix
# Should show something like /usr/local or ~/.npm-global
$ echo $PATH
# Should include the bin directory from aboveb) Fix PATH (add to ~/.bashrc or ~/.zshrc):
export PATH="$PATH:$(npm config get prefix)/bin"
source ~/.bashrc # or ~/.zshrcc) Use npx instead (doesn't require global install):
$ npx @muin/roast src/app.jsProblem:
$ roast src/app.js
💥 Error: rate_limit_error: You have exceeded your API rate limitSolutions:
a) Wait a minute and retry (Anthropic has per-minute limits)
b) Check your rate limits: Visit console.anthropic.com/settings/limits
c) For batch processing, add delays:
for file in src/*.js; do
roast "$file"
sleep 3 # Wait 3 seconds between calls
doned) Upgrade to higher tier if you hit limits regularly
Problem:
$ roast src/app.js
[31m🔥[0m [1mCODE ROAST[0m...Solutions:
a) Disable colors:
$ roast --no-color src/app.jsb) Check terminal color support:
$ echo $TERM
# Should be xterm-256color or similar
# If it's 'dumb', set it:
export TERM=xterm-256colorc) Redirect to file (colors auto-disabled):
$ roast src/app.js > review.txtProblem:
$ roast very-large-file.js
# ...waiting forever...Solutions:
a) File might be too large. Claude has token limits (~100k tokens ≈ 75k words).
Check file size:
$ wc -l very-large-file.js
5000 very-large-file.js # Too large!b) Split into smaller files:
$ split -l 500 large-file.js part-
$ roast part-aa
$ roast part-abc) Review only a section:
$ head -300 large-file.js | roast # First 300 linesd) Check Anthropic API status:
$ curl -I https://api.anthropic.comProblem:
$ roast --model claude-opus-99 src/app.js
💥 Error: model 'claude-opus-99' not foundSolutions:
a) Use a valid model name:
$ roast --model claude-sonnet-4-5 src/app.js
$ roast --model claude-opus-4 src/app.js
$ roast --model claude-haiku-4-5 src/app.jsb) Check available models at docs.anthropic.com
c) Omit the flag to use default:
$ roast src/app.js # Uses default modelProblem:
$ roast src/app.js
💥 Error: connect ETIMEDOUTSolutions:
a) Check internet connection:
$ ping api.anthropic.comb) Check if firewall/VPN is blocking:
$ curl https://api.anthropic.comc) Set proxy if behind corporate firewall:
export HTTP_PROXY=http://proxy.company.com:8080
export HTTPS_PROXY=http://proxy.company.com:8080Problem:
C:\> npm install -g @muin/roast
Error: EACCES: permission deniedSolutions:
a) Run as Administrator (PowerShell):
# Right-click PowerShell → "Run as Administrator"
PS> npm install -g @muin/roastb) Or use npx (no install needed):
PS> npx @muin/roast src/app.jsProblem:
$ roast legacy-code.php
💥 Error: Invalid UTF-8 sequenceSolutions:
a) Convert file to UTF-8:
$ iconv -f ISO-8859-1 -t UTF-8 legacy-code.php > legacy-code-utf8.php
$ roast legacy-code-utf8.phpb) Check current encoding:
$ file legacy-code.php
legacy-code.php: PHP script, ISO-8859 textYes. When you run roast, the file contents are sent to Anthropic's Claude API for analysis.
Security note: Do NOT roast files containing:
- API keys, passwords, or secrets
- Proprietary algorithms (if you have strict confidentiality agreements)
- PII (personally identifiable information) in test data
- Anything you wouldn't share with a third party
Anthropic's privacy policy: https://www.anthropic.com/legal/privacy
roast itself is free and open-source. However, it uses Anthropic's Claude API which has usage costs:
- Free tier: $5 credit (enough for ~100-300 roasts depending on file size)
- After that: ~$0.01-0.05 per roast (1-5 cents)
- Monthly estimate: If you roast 20 files/day: ~$10-30/month
Check pricing: https://www.anthropic.com/pricing
No. roast requires internet connection to reach Anthropic's API.
Alternatives for offline:
- Set up a local LLM (complex, beyond scope)
- Use traditional linters (eslint, pylint, etc.)
- Manual code review
Roast mode: Sarcastic and blunt, but never personal. It criticizes code, not people.
Serious mode: Professional, no humor.
Severity levels:
- Mild: Friendly and encouraging
- Medium: Sarcastic but constructive (default)
- Harsh: Very direct, can be brutal
Use --serious for team PRs or --severity mild for beginners.
Yes, when used correctly:
✅ Catches security issues (SQL injection, XSS, unsafe eval)
✅ Identifies performance problems (O(n²) loops, memory leaks)
✅ Highlights maintainability issues (long functions, tight coupling)
✅ Suggests modern best practices
✅ Teaches by explaining WHY something is bad
But:
- AI can miss context-specific issues
- It's a tool, not a replacement for human review
- Always verify suggestions before applying
Currently: Severity levels (mild/medium/harsh) and serious mode.
Not yet: Custom roast personas (e.g., "roast like Linus Torvalds" or "review like Uncle Bob").
Future: Customizable prompts/styles are on the roadmap.
✅ JavaScript / TypeScript / Node.js
✅ Python
✅ Go
✅ Rust
✅ Java / Kotlin
✅ C / C++
✅ Ruby
✅ PHP
✅ Swift
✅ Shell / Bash
✅ SQL
✅ HTML / CSS
✅ And more...
Claude has broad training, so even niche languages often get good results.
Yes! The AI understands framework-specific patterns:
- React: Hooks, component structure, props, state management
- Django: ORM patterns, views, middleware
- Express: Route handlers, middleware, error handling
- Rails: ActiveRecord, controllers, migrations
- etc.
It will roast framework-specific anti-patterns (e.g., prop drilling in React, N+1 queries in ORMs).
Yes, but:
✅ Great for initial screening
✅ Catches obvious bugs and security issues
✅ Ensures code meets basic quality standards
- Business logic validation
- Architecture decisions
- Team-specific conventions
- Nuanced judgment calls
Best practice: Use roast --serious BEFORE requesting human review. Fix what it finds, then get human eyes on it.
Yes, slightly. AI models have some randomness (temperature setting).
Typically:
- Core issues will always be flagged
- Phrasing may vary
- Severity of roast may differ slightly
For consistent results, use --serious mode which is more deterministic.
Absolutely! Contributions are very welcome:
- Report bugs via GitHub Issues
- Suggest features
- Submit pull requests
- Improve roast quality
- Add language support
- Write tests
See Contributing section.
No local storage. roast doesn't save files or reviews on your machine (unless you manually redirect output).
API-side: Anthropic may temporarily log requests for abuse prevention. Check their privacy policy for retention details.
- Share your roasts - They're designed to be screenshot-friendly
- Use serious mode for PRs - Save the humor for your own code
- Review before committing - Catch bugs before your CI does
- Roast legacy code - Therapeutic and educational
- Pipe from git diff - Review only what changed:
git diff | roast - Works with stdin -
cat sketch.py | roastorpbpaste | roast
Create project-specific wrappers:
# scripts/review.sh
#!/bin/bash
find src -name "*.js" -mtime -1 | xargs -I {} roast --serious {}Combine with other tools:
# Lint first, then roast
$ eslint src/app.js && roast src/app.js
# Roast, then test
$ roast src/app.js && npm testTeam usage:
# Add to CI pipeline
- name: AI Code Review
run: |
git diff origin/main...HEAD --name-only | \
grep -E '\.(js|ts|py)$' | \
xargs -I {} npx @muin/roast --serious {}- JSON output mode - Structured output for CI integration
- Config file support -
.roastrcfor defaults (severity, model, etc.) - Multi-file batch mode -
roast src/*.jsin one API call - Ignore patterns -
.roastignorelike.gitignore - Diff mode - Compare changes:
roast --diff main...feature
- Custom roast personalities - "Roast like Linus", "Review like Uncle Bob"
- Fix suggestions with diffs - Show exact code changes to apply
- Performance scoring - Rate code quality 0-100
- Security scan mode - Focus on vulnerabilities only
- HTML report generation -
roast --html src/ > report.html
- Auto-fix mode - Apply suggested changes automatically
- IDE plugins - VS Code, IntelliJ, Vim
- Team dashboard - Track code quality over time
- Learning mode - Personalized feedback based on your skill level
- Multi-model support - Use GPT-4, Gemini, local models
- Offline mode - Local model integration
- Web UI for drag-and-drop file roasting
- Slack/Discord bot integration
- GitHub PR comment automation
- GitLab CI/CD integration
- Pre-commit hook generator
- Support for Jupyter notebooks (.ipynb)
Want a feature? Open a GitHub issue or +1 existing ones!
# Clone repo
git clone https://github.com/muinmomin/roast.git
cd roast
# Install dependencies
npm install
# Link locally for testing
npm link
# Test with sample file
roast examples/bad-code.js
# Run tests (if available)
npm testProject structure:
roast/
├── bin/
│ └── roast.js # CLI entry point
├── lib/
│ └── roast.js # Core logic
├── examples/
│ └── bad-code.js # Test cases
├── package.json
└── README.md
Testing:
# Create test file
cat > test.js << 'EOF'
var x = 1;
eval(userInput);
EOF
$ roast test.jsFound a bug? Want to add a feature?
# Clone the repo
git clone https://github.com/muinmomin/roast.git
cd roast
# Install dependencies
npm install
# Test locally
npm link
roast test-file.js
# Run tests (if available)
npm testPull requests welcome! Please:
- Keep the humor sharp but not mean
- Add tests for new features
- Follow existing code style (ESLint config included)
- Update README if adding options
Code style:
- Use ESLint
- Follow existing patterns
- Add JSDoc comments for functions
- Keep roasts clever, not cruel
Ideas for contributions:
- Better language detection
- Framework-specific roasting (React, Django, Rails patterns)
- Security vulnerability detection
- Performance analysis
- Custom roast templates
Love roast? Check out our other developer productivity tools:
| Tool | Description | NPM |
|---|---|---|
| git-why | AI-powered git history explainer. Understand why code exists before you roast it. |  |
| portguard | Monitor and kill zombie processes hogging your ports. Fix EADDRINUSE in one command. |
 |
| oops | Pipe any error to AI for instant fixes. When roasting reveals real bugs, oops fixes them. |
 |
Coming soon: More tools to make your dev workflow faster. Follow @muincompany for updates!
📰 Read the launch article on Dev.to: 4 CLI Tools Every Developer Needs (That You've Never Heard Of)
MIT
Built with:
- Anthropic Claude - The AI doing the roasting
- Commander.js - CLI framework
- Chalk - Terminal colors
Inspired by every brutally honest code review you've ever received (or given).