shipcheck-cli v0.4.4

Public-positioning refresh for Shipcheck CLI.\n\n- Updated npm/package metadata to the Tate Programs domain.\n- Cleaned old marketplace/demo links from the README and support links.\n- Renamed public scanner wording around app exposure and paid API guardrails.\n- Kept the release-readiness, MCP metadata, Stripe, Supabase, Firebase, env, CI, and SARIF checks passing.

shipcheck-cli v0.4.1

Adds MCP release-readiness checks and narrows MCP-server detection to avoid flagging MCP-adjacent packages.\n\nRun:\nsh\nnpx --yes shipcheck-cli .\n

shipcheck-cli v0.4.0

Adds MCP release-readiness checks for mcpName, server.json, pinned npm metadata, install config, and tool-safety notes.\n\nRun:\nsh\nnpx --yes shipcheck-cli .\n

shipcheck-cli v0.3.0

Adds SARIF output with --format sarif for GitHub code scanning upload workflows. Also documents the Marketplace action path for writing shipcheck.sarif files.

v0.2.0

Adds AI-app exposure checks for private-looking secrets, public frontend env names, unsigned Stripe webhooks, missing Firebase rules, Supabase RLS evidence, debug API routes, and AI usage guardrails. Also updates README positioning around defensive static scanning for authorized repos.