Reference

Common issues and fixes: PATH after install, phantom-import noise when third-party deps aren't installed (scope to --changed), license/entitlement not detected, and CI exit-code handling.

The local-first guarantees: no source upload ever, no Shipmoor cloud in the critical path, offline license verification, BYO-Judge under your own provider, and the data-residency posture. Notes which governance features are roadmap (RBAC, SOC 2 / ISO).

Every detection rule Shipmoor ships, grouped by language and failure class, with severity and a short description. Generated from shipmoor rules.

The stable JSON contracts every consumer reads: shipmoor.scan.v1, shipmoor.capabilities.v1, and shipmoor.identity.v1 — the schemas, and the rule that the entitlement vocabulary is defined once in shipmoor-core.

Project configuration: .shipmoor.yaml/.shipmoor.yml discovery, .shipmoor/intent files, and the verdict-policy / baseline files that tune scanning and the Claim Check gate.

The complete shipmoor command surface — scan and its scopes/flags, rules, explain, login/logout/whoami, capabilities, upgrade, skills, intent-scan, repair-guidance, version — with the tier each requires.

Public release notes — notable user-facing changes by version, starting from the v0.4.0 mono-repo consolidation. Curated from the internal CHANGELOG.