Added
- SARIF output —
--format sarifemits SARIF 2.1.0 for GitHub code scanning, and--sarif <PATH>writes SARIF to a file alongside the normal stdout report. The GitHub Action now uploads SARIF by default (annotations on the PR diff + Security tab); grantsecurity-events: writeto enable the upload. Still gates on findings —no-fail: "true"opts out,sarif: "false"disables the upload.
Changed
effect-in-componentis now scope-aware: it flags auseEffectonly when defined inside a component's body, not merely present in a file that has a component. Effects inside a co-locateduse*hook are fine.- Upgrade the OXC crates from 0.133 to 0.138.
Fixed
inline-fontno longer flags a font token reference (fontFamily: MONO) or bare generic families (monospace,sans-serif). Only a quoted font or a hardcoded multi-family stack is flagged.
Install: curl -fsSL https://raw.githubusercontent.com/zmaril/straitjacket/main/install.sh | sh
Full changelog: v0.1.0...v0.2.0