All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Global npm installs now print a short post-install quick-start guide so users immediately see how to run the CLI.
- Tag-driven GitHub Actions release workflow that validates version metadata, builds a tarball and checksum, publishes to npm, and creates a GitHub release.
- Release helper scripts for changelog extraction and version/changelog validation.
- npm release scripts for repeatable validation and package checks.
- Built-in CLI quick-start guide for no-argument, help, --help, and -h invocation.
- Deterministic scanner CLI with scan, baseline create, and rules list commands.
- Terminal, JSON, Markdown, and SARIF reporters.
- Repository policy loading from .sfa.json and baseline suppression/generation.
- Fifteen deterministic rules covering secrets, GitHub Actions, Docker, and common JSON config risks.
- Reusable GitHub Action wrapper and verification workflow.
- Production documentation baseline including ADRs, SOPs, contributing guidance, and durable project memory.