Skip to content

Commit 66e8a55

Browse files
sonukapoorsonukapoor
authored
Merge pull request #122 from sonukapoor/readme-reddit-conversion-cta
docs: add new-here onboarding and feedback CTA
2 parents 1d7a689 + b8dc602 commit 66e8a55

1 file changed

Lines changed: 20 additions & 0 deletions

File tree

README.md

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515

1616
<p>
1717
<a href="#quick-start">Quick Start</a> •
18+
<a href="#new-here-start-here">New Here? Start Here</a> •
1819
<a href="#features">Features</a> •
1920
<a href="#usage">Usage</a> •
2021
<a href="https://github.com/sonukapoor/cve-lite-cli/blob/main/src/docs/CONTRIBUTING.md">Contributing</a>
@@ -31,6 +32,7 @@
3132
<td valign="top">
3233
<strong>Overview</strong><br/>
3334
<a href="#what-is-cve-lite-cli">What is CVE Lite CLI</a><br/>
35+
<a href="#new-here-start-here">New here? Start here</a><br/>
3436
<a href="#new-offline-advisory-db-support">Offline advisory DB support</a><br/>
3537
<a href="#why-offline-mode-matters">Why offline mode matters</a><br/>
3638
<a href="docs/case-studies/owasp-juice-shop.md">OWASP Juice Shop case study</a><br/>
@@ -80,6 +82,24 @@ It is designed to be:
8082

8183
For real-world remediation examples, see the [OWASP Juice Shop case study](docs/case-studies/owasp-juice-shop.md) and the [NestJS case study](docs/case-studies/nestjs.md).
8284

85+
## New here? Start here
86+
87+
1. run one scan on a real project with `npx cve-lite-cli /path/to/project --verbose`
88+
2. review direct vs transitive findings and the `Copy And Run These Fix Commands` section
89+
3. compare the output with your current scanner workflow
90+
4. check a real walkthrough:
91+
- [OWASP Juice Shop case study](docs/case-studies/owasp-juice-shop.md)
92+
- [NestJS case study](docs/case-studies/nestjs.md)
93+
94+
If CVE Lite CLI helps your release workflow, a GitHub star helps more developers discover it: [Star CVE Lite CLI](https://github.com/sonukapoor/cve-lite-cli).
95+
96+
If you want to shape the roadmap, open an issue with feedback on:
97+
98+
- whether the direct vs transitive split is useful in practice
99+
- where remediation guidance is still missing
100+
- what increases or decreases trust in a CLI security tool
101+
- what would make frontend-heavy CI workflows smoother
102+
83103
## New: Offline advisory DB support
84104

85105
CVE Lite CLI now supports a local advisory database workflow for teams that cannot allow runtime outbound advisory API calls.

0 commit comments

Comments
 (0)