v0.4.0public launch
First public release
- Static analysis — no runtime needed; catches issues before code ever runs
- Five check modules:
secrets,auth,payments,database,deployment - 176+ security rules across JavaScript, TypeScript, Python, Go, and Rust
--changedflag — incremental scan of files modified since last commit--strict— exit 1 on any high / critical finding, for blocking CI gates--json— machine-readable output for CI pipelines and agents- Local scan mode — code never leaves your machine; cloud scan mode — rules-as-a-service
- CI/CD integration: pre-push hook scaffold + GitHub Actions workflow via shipguard init
- Deterministic exit codes: 0 ship · 1 blocked · 2 config · 3 runtime