CVE Lite CLI
Version updated for https://github.com/sonukapoor/cve-lite-cli to version v1.4.0.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
CVE Lite CLI is a GitHub Action that provides fast and developer-friendly vulnerability scanning for JavaScript and TypeScript projects. It automates the identification of known package vulnerabilities and offers practical remediation guidance, including support for offline advisory databases to accommodate restricted network environments. This action is designed to enhance security workflows by offering affordable, transparent, and accessible vulnerability management solutions.
What’s Changed
Highlights
- expanded copy-and-run fix commands beyond only the urgent path
- validate npm fixed-version hints before surfacing install commands
- use nearest published fallbacks for unpublished fixed-version hints and warn on unpublishable ones
- improve compact output so top-priority issues and runnable commands are less confusing
- add a new NestJS case study showing the local scan-fix-rescan workflow in practice