Add SARIF output format for qlty check

CLAUDE.md

@@ -3,13 +3,11 @@
 ## Build & Test Commands
 
 - Typecheck (faster than build): `cargo check`
-- Build: `cargo build`
-- Run auto-formatter: `qlty fmt`
-- Run linter: `qlty check --fix --no-formatters`
+- To auto-format or lint always used this command: `qlty check --fix`
 - Run all tests: `cargo test`
+- Build: `cargo build`
 - Run specific test: `cargo test test_name_here`
-- With coverage: `cargo llvm-cov --lcov --output-path target/lcov.info -- --include-ignored`
-- Run project Makefile task: `cargo make task_name`
+- NEVER use `cargo insta review` to accept snapshots. Instead use `INSTA_UPDATE=always cargo test ...`
 
 ## Code Style Guidelines
 
@@ -20,7 +18,6 @@
 - Always use strong typing with enums for bounded sets of values
 - Imports: group std first, then external crates, then internal modules
 - Comprehensive error handling with proper context using `context()` or `with_context()`
-
 - Use descriptive variable names that clearly express intent
 - Write docstrings for public APIs and complex functions
 
@@ -36,7 +33,6 @@
 
 ## Development Workflow
 
-- Start chnages on a new branch which is branched from `main` with a descriptive name
-- Before committing, format the code, typecheck, lint, and run tests
-- In the commit message, include the EXACT instructions from me the user
+- Never commit to `main` branch. Always work on a new branch from `main` with a descriptive name
+- IMPORTANT: Before every commit, typecheck, run auto-formatting and linting, and run all the tests
 - Always open PRs in draft mode

Cargo.toml

@@ -49,7 +49,7 @@ http = "1.3.1"
 ignore = "0.4.22"
 indicatif = "0.17.11"
 indoc = "2.0.6"
-insta = { version = "1.42.2", features = ["yaml", "redactions"] }
+insta = { version = "1.42.2", features = ["yaml", "json", "redactions"] }
 itertools = "0.14.0"
 keyring = { version = "3.6.2", features = [
     "apple-native",
@@ -74,6 +74,7 @@ qlty-check = { version = "0.504.0", path = "qlty-check" }
 qlty-cloud = { version = "0.504.0", path = "qlty-cloud" }
 qlty-config = { version = "0.504.0", path = "qlty-config" }
 qlty-coverage = { version = "0.504.0", path = "qlty-coverage" }
+qlty-formats = { version = "0.504.0", path = "qlty-formats" }
 qlty-plugins = { version = "0.504.0", path = "qlty-plugins" }
 qlty-smells = { version = "0.504.0", path = "qlty-smells" }
 qlty-test-utilities = { version = "0.504.0", path = "qlty-test-utilities" }

qlty-analysis/Cargo.toml

@@ -30,9 +30,7 @@ qlty-types.workspace = true
 rand.workspace = true
 rayon.workspace = true
 regex.workspace = true
-semver.workspace = true
 serde.workspace = true
-serde_yaml.workspace = true
 tempfile.workspace = true
 time.workspace = true
 tracing.workspace = true

qlty-check/src/llm/fixer.rs

@@ -34,6 +34,7 @@ pub struct Fixer {
     r#unsafe: bool,
     attempts_per_file: Arc<Mutex<HashMap<String, AtomicUsize>>>,
     total_attempts: Arc<AtomicUsize>,
+    auth_token: String,
 }
 
 impl IssueTransformer for Fixer {
@@ -64,12 +65,16 @@ impl IssueTransformer for Fixer {
 
 impl Fixer {
     pub fn new(plan: &Plan, progress: Progress) -> Self {
+        // If auth_token is missing, use empty string as a fallback
+        let auth_token = plan.settings.auth_token.clone().unwrap_or_default();
+
         Self {
             progress,
             staging_area: plan.staging_area.clone(),
             r#unsafe: plan.settings.r#unsafe,
             attempts_per_file: Arc::new(Mutex::new(HashMap::new())),
             total_attempts: Arc::new(AtomicUsize::new(0)),
+            auth_token,
         }
     }
 
@@ -154,7 +159,7 @@ impl Fixer {
     }
 
     fn try_fix(&self, path: &String, issues: &[Issue]) -> Result<Vec<Issue>> {
-        let client = Client::authenticated()?;
+        let client = Client::new(None, Some(self.auth_token.clone()));
         let content = self.staging_area.read(path.clone().into())?;
         let response = API_THREAD_POOL.scope(|_| {
             client.post("/fixes/batch").send_json(json!({

qlty-check/src/settings.rs

@@ -25,6 +25,7 @@ pub struct Settings {
     pub trigger: CheckTrigger,
     pub skip_errored_plugins: bool,
     pub emit_existing_issues: bool,
+    pub auth_token: Option<String>,
 }
 
 impl Default for Settings {
@@ -51,6 +52,7 @@ impl Default for Settings {
             trigger: CheckTrigger::Manual,
             skip_errored_plugins: false,
             emit_existing_issues: false,
+            auth_token: None,
         }
     }
 }

qlty-cli/Cargo.toml

@@ -9,7 +9,10 @@ homepage.workspace = true
 repository.workspace = true
 keywords.workspace = true
 categories.workspace = true
+license-file.workspace = true
 edition.workspace = true
+include.workspace = true
+
 autotests = false
 
 [lib]
@@ -25,72 +28,75 @@ name = "qlty"
 name = "integration"
 path = "tests/tests.rs"
 
-[features]
-default = ["alpha"]
-alpha = []
-
 [dependencies]
 anyhow.workspace = true
 base64.workspace = true
 bytesize.workspace = true
-cap.workspace = true
 chrono.workspace = true
-clap_complete.workspace = true
 clap.workspace = true
+clap_complete.workspace = true
 cli-table.workspace = true
 console.workspace = true
 dialoguer.workspace = true
-diffy.workspace = true
 duct.workspace = true
-git2.workspace = true
 glob.workspace = true
-globset.workspace = true
+http.workspace = true
 indicatif.workspace = true
 itertools.workspace = true
-lazy_static.workspace = true
+keyring.workspace = true
 log.workspace = true
-mac_address.workspace = true
 md5.workspace = true
 num-format.workspace = true
-pathdiff.workspace = true
+cap.workspace = true
+diffy.workspace = true
+git2.workspace = true
+globset.workspace = true
+lazy_static.workspace = true
+mac_address.workspace = true
 pbjson-types.workspace = true
+pathdiff.workspace = true
 qlty-analysis.workspace = true
 qlty-check.workspace = true
 qlty-cloud.workspace = true
 qlty-config.workspace = true
 qlty-coverage.workspace = true
+qlty-formats.workspace = true
 qlty-smells.workspace = true
-qlty-test-utilities.workspace = true
 qlty-types.workspace = true
 rayon.workspace = true
 regex.workspace = true
-semver.workspace = true
 sentry-backtrace.workspace = true
-sentry.workspace = true
-serde_json.workspace = true
 serde_yaml.workspace = true
-serde-xml-rs.workspace = true
-serde.workspace = true
 similar.workspace = true
 supports-color.workspace = true
 syntect.workspace = true
 tabwriter.workspace = true
-tempfile.workspace = true
 termbg.workspace = true
 thiserror.workspace = true
 time.workspace = true
+uuid.workspace = true
+semver.workspace = true
+sentry.workspace = true
+serde.workspace = true
+serde_json.workspace = true
+serde-querystring.workspace = true
+tiny_http.workspace = true
 toml_edit.workspace = true
+tracing.workspace = true
 tracing-appender.workspace = true
 tracing-subscriber.workspace = true
-tracing.workspace = true
 ureq.workspace = true
-uuid.workspace = true
 webbrowser.workspace = true
 whoami.workspace = true
 
 [dev-dependencies]
+indoc.workspace = true
+insta.workspace = true
+tempfile.workspace = true
+tracing-test.workspace = true
 trycmd.workspace = true
+qlty-test-utilities.workspace = true
 
 [target.'cfg(unix)'.dependencies]
 exec.workspace = true
-fork.workspace = true
+fork.workspace = true

qlty-cli/src/arguments.rs

@@ -1,5 +1,4 @@
 use crate::commands::*;
-#[cfg(feature = "alpha")]
 use crate::commands::{auth, cache, config, plugins};
 use crate::{CommandError, CommandSuccess};
 use anyhow::Result;