Added
- Issue batch: diagnostics, config UX, lifecycle, security taxonomy, and CI portability (closes #1151, #1159, #1160, #1161, #1162, #1163, #1164). CI now runs the workspace test suite on Linux, Windows, and macOS; Windows-sensitive tests normalize CRLF and canonical paths. Diagnostics now carry optional ranges, text output shows code frames, JSON/SARIF/LSP/WASM preserve spans, SARIF includes fixes, and
--format githubemits GitHub Actions annotations. Addedagnix explain <RULE>with text/JSON output..agnix.tomlnow supportsextend,[rules.severity]per-rule overrides, and inline suppressions (agnix: noqa,agnix-disable-next-line). Rule lifecycle policy is documented, removedAS-*rule IDs warn in config, and 37 security-facing rules now carry CWE/OWASP/vulnerability-class metadata that SARIF exports as taxonomies.