v0.3.0 — explain and migrate, stack health score, corpus research

@Svector-anu Svector-anu released this 18 May 13:49
· 14 commits to main since this release

What's new

New commands

  • rightstack explain <query> — look up any tool by npm package name, tool ID, or alias. Shows ecosystem fit, scale guidance, common pairings, migration warnings, and source links. Detects when you search for a deprecated/renamed package (e.g. explain @solana/web3.js warns and redirects to @solana/kit).
  • rightstack migrate <from-package> — full migration guide for any package in the corpus: migration path, detailed notes, and install/uninstall commands.

Repo audit improvements

  • Stack health score — every repo-audit now shows a 0–100 score and A/B/C/D/F grade in the header. Formula: 100 − min(criticals×25, 75) − min(highs×10, 30) − min(mediums×3, 15). Included in --json output.
  • CRITICAL false-positive bug fix — the CRITICAL tier was firing on sdk_migration.status alone, ignoring which package triggered detection. A repo with @solana/kit (the correct, modern package) would incorrectly receive CRITICAL if solana-kit had migrating-from status. Now mirrors the package-aware check already used by MEDIUM.
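
The false-positive fix and the score formula above, as an added TypeScript example (not rightstack's own code). The `CorpusTool` shape, the `currentPackages`/`legacyPackages` fields and all function names are assumptions for illustration; only `sdk_migration.status`, the package names and the formula come from these notes.

```typescript
// Added example: hypothetical data shapes, not rightstack's real schema.
type Status = "stable" | "successor" | "migrating-from";

interface CorpusTool {
  id: string;
  sdk_migration: { status: Status };
  currentPackages: string[]; // assumed field: packages that are the migration target
  legacyPackages: string[];  // assumed field: packages being migrated away from
}

// Constructed corpus entry mirroring the solana-kit case from these notes.
const solanaKit: CorpusTool = {
  id: "solana-kit",
  sdk_migration: { status: "migrating-from" },
  currentPackages: ["@solana/kit"],
  legacyPackages: ["@solana/web3.js"],
};

const has = (list: string[], pkg: string): boolean => list.indexOf(pkg) >= 0;

// Before the fix: fires on status alone, whichever package matched the tool.
function criticalStatusOnly(tool: CorpusTool, deps: string[]): boolean {
  const detected = deps.some(
    (d) => has(tool.currentPackages, d) || has(tool.legacyPackages, d)
  );
  return detected && tool.sdk_migration.status === "migrating-from";
}

// After the fix: fires only when a legacy package is what triggered detection.
function criticalPackageAware(tool: CorpusTool, deps: string[]): boolean {
  return (
    tool.sdk_migration.status === "migrating-from" &&
    deps.some((d) => has(tool.legacyPackages, d))
  );
}

// Health score formula as stated in the release notes, with its per-tier caps.
function healthScore(criticals: number, highs: number, mediums: number): number {
  return (
    100 -
    Math.min(criticals * 25, 75) -
    Math.min(highs * 10, 30) -
    Math.min(mediums * 3, 15)
  );
}

// Score for a dependency list under either CRITICAL check (no HIGH/MEDIUM findings).
function auditScore(deps: string[], check: typeof criticalPackageAware): number {
  return healthScore(check(solanaKit, deps) ? 1 : 0, 0, 0);
}
```

With the status-only check, a repo that depends only on `@solana/kit` loses 25 points for a finding that does not apply to it; the package-aware check leaves it at 100 while still flagging `@solana/web3.js`.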

Corpus (9 tools updated)

  • solana-kit: successor → migrating-from — @solana/web3.js v1 is in maintenance mode; CRITICAL now fires for repos using it
  • alchemy-account-kit: migrating-from — @alchemy/aa-* abandoned Aug 2024, CRITICAL fires
  • turnkey: migrating-from — @turnkey/sdk-browser README-deprecated in favour of @turnkey/core
  • zerodev, dynamic, wagmi: migrating-from — semver cases; CRITICAL will fire after Phase 5.1 semver matching
  • onchainkit, privy, pimlico: stable — confirmed, no migration story

GitHub Action template

examples/github-action/rightstack-audit.yml — PR bot that posts a severity table comment on every PR touching package.json or lockfiles.


Benchmark gate: 50/50. tsc: clean.