CVE Lite CLI

Version updated for https://github.com/sonukapoor/cve-lite-cli to version v1.5.1.

• This action is used across all versions by ? repositories.

Action Type

This is a Composite action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

CVE Lite CLI is a GitHub Action designed to scan JavaScript and TypeScript projects for known vulnerabilities, providing actionable insights to prioritize and fix issues efficiently. It supports offline advisory databases for use in restricted or enterprise environments, making it ideal for secure, network-limited workflows. The tool is developer-friendly, cost-effective, and tailored for seamless integration into CI pipelines, ensuring reliable vulnerability detection before project release.

What’s Changed

Changed

• direct vs transitive relationship classification now treats only root manifest-declared dependencies as direct, reducing misleading root-level remediation commands in monorepo/tooling-heavy scans
• verbose fix-command output now renders parent-upgrade sections in a structured table with package, current version, recommended target, and context columns
• README, website copy, and NestJS case study wording now align with direct/transitive remediation actionability expectations and refreshed screenshot evidence

• Sonukapoor
• GitHub Actions