Skip to content

Commit 6a42691

Browse files
sonukapoorsonukapoor
authored
Merge pull request #123 from sonukapoor/codex/website-pages-launch
feat: add GitHub Pages landing page
2 parents 66e8a55 + 5289c0f commit 6a42691

3 files changed

Lines changed: 654 additions & 0 deletions

File tree

assets/logo-with-title-removebg-preview.png

142 KB
Loading

docs/index.html

Lines changed: 243 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,243 @@
1+
<!doctype html>
2+
<html lang="en">
3+
<head>
4+
<meta charset="UTF-8" />
5+
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
6+
<title>CVE Lite CLI | Scan. Prioritize. Fix.</title>
7+
<meta
8+
name="description"
9+
content="Fast, developer-friendly vulnerability scanning for JavaScript and TypeScript projects, with offline advisory DB support."
10+
/>
11+
<link rel="icon" type="image/png" href="https://raw.githubusercontent.com/sonukapoor/cve-lite-cli/main/assets/favicon.png" />
12+
<link rel="preconnect" href="https://fonts.googleapis.com" />
13+
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
14+
<link
15+
href="https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@400;500;600;700&family=IBM+Plex+Mono:wght@400;500&display=swap"
16+
rel="stylesheet"
17+
/>
18+
<link rel="stylesheet" href="./styles.css" />
19+
</head>
20+
<body>
21+
<div class="bg-glow bg-glow-a"></div>
22+
<div class="bg-glow bg-glow-b"></div>
23+
<header class="container site-header">
24+
<a class="brand" href="#top">
25+
<span class="brand-dot" aria-hidden="true"></span>
26+
<span>CVE Lite CLI</span>
27+
</a>
28+
<nav>
29+
<a href="#quick-start">Quick Start</a>
30+
<a href="#features">Features</a>
31+
<a href="#workflow">Workflow</a>
32+
<a href="#speed">Speed</a>
33+
<a href="#links">Links</a>
34+
</nav>
35+
</header>
36+
37+
<main id="top">
38+
<section class="container hero">
39+
<div class="hero-copy">
40+
<div class="hero-logo">
41+
<img src="https://raw.githubusercontent.com/sonukapoor/cve-lite-cli/main/assets/logo-with-title-removebg-preview.png" alt="CVE Lite CLI logo" />
42+
</div>
43+
<p class="eyebrow">JavaScript/TypeScript Dependency Scanner</p>
44+
<h1>Scan. Prioritize. Fix.</h1>
45+
<p>
46+
CVE Lite CLI gives you a fast, local-first vulnerability scan with practical remediation commands, direct vs transitive
47+
clarity, and offline advisory DB support for restricted environments, so dependency fixes happen in minutes instead of
48+
waiting through repeated CI round-trips.
49+
</p>
50+
<div class="cta-row">
51+
<a class="btn btn-primary" href="https://github.com/sonukapoor/cve-lite-cli">View on GitHub</a>
52+
<a class="btn btn-ghost" href="https://www.npmjs.com/package/cve-lite-cli">View on npm</a>
53+
</div>
54+
<ul class="stats">
55+
<li>No account required</li>
56+
<li>npm, pnpm, Yarn lockfile support</li>
57+
<li>Offline scans with local advisory DB</li>
58+
<li>Copy-and-run npm fix commands</li>
59+
</ul>
60+
</div>
61+
<div class="hero-art" aria-hidden="true">
62+
<img
63+
src="https://raw.githubusercontent.com/sonukapoor/cve-lite-cli/main/assets/default-output.png"
64+
alt="CVE Lite CLI output screenshot"
65+
/>
66+
</div>
67+
</section>
68+
69+
<section class="container" id="quick-start">
70+
<h2>Quick Start</h2>
71+
<div class="grid two">
72+
<article class="card">
73+
<h3>Install globally</h3>
74+
<div class="command-box">
75+
<button
76+
class="copy-btn"
77+
type="button"
78+
aria-label="Copy install command"
79+
data-copy-target="cmd-install"
80+
data-tooltip="Copy command"
81+
>
82+
<svg class="icon-copy" viewBox="0 0 24 24" aria-hidden="true">
83+
<path d="M16 1H6a2 2 0 0 0-2 2v12h2V3h10V1zm3 4H10a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h9a2 2 0 0 0 2-2V7a2 2 0 0 0-2-2zm0 16H10V7h9v14z" />
84+
</svg>
85+
<svg class="icon-check" viewBox="0 0 24 24" aria-hidden="true">
86+
<path d="M9 16.17 4.83 12 3.41 13.41 9 19l12-12-1.41-1.41z" />
87+
</svg>
88+
</button>
89+
<pre><code id="cmd-install">npm install -g cve-lite-cli
90+
cve-lite /path/to/project</code></pre>
91+
</div>
92+
</article>
93+
<article class="card">
94+
<h3>Run one-off with npx</h3>
95+
<div class="command-box">
96+
<button
97+
class="copy-btn"
98+
type="button"
99+
aria-label="Copy npx command"
100+
data-copy-target="cmd-npx"
101+
data-tooltip="Copy command"
102+
>
103+
<svg class="icon-copy" viewBox="0 0 24 24" aria-hidden="true">
104+
<path d="M16 1H6a2 2 0 0 0-2 2v12h2V3h10V1zm3 4H10a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h9a2 2 0 0 0 2-2V7a2 2 0 0 0-2-2zm0 16H10V7h9v14z" />
105+
</svg>
106+
<svg class="icon-check" viewBox="0 0 24 24" aria-hidden="true">
107+
<path d="M9 16.17 4.83 12 3.41 13.41 9 19l12-12-1.41-1.41z" />
108+
</svg>
109+
</button>
110+
<pre><code id="cmd-npx">npx cve-lite-cli /path/to/project --verbose</code></pre>
111+
</div>
112+
</article>
113+
</div>
114+
</section>
115+
116+
<section class="container" id="features">
117+
<h2>What Makes It Useful</h2>
118+
<div class="grid three">
119+
<article class="card">
120+
<h3>Actionable output</h3>
121+
<p>Get summary-first scan results plus copy-and-run fix commands when confident upgrade targets exist.</p>
122+
</article>
123+
<article class="card">
124+
<h3>Direct vs transitive clarity</h3>
125+
<p>See where risk originates so teams can focus remediation effort where it matters first.</p>
126+
</article>
127+
<article class="card">
128+
<h3>CI and automation friendly</h3>
129+
<p>Use fail thresholds, JSON/SARIF output, and a reusable first-party GitHub Action in release pipelines.</p>
130+
</article>
131+
<article class="card">
132+
<h3>Offline advisory workflow</h3>
133+
<p>Sync advisories to a local SQLite DB and run scans with zero runtime advisory API calls.</p>
134+
</article>
135+
<article class="card">
136+
<h3>Small runtime footprint</h3>
137+
<p>Security-focused by design with minimal runtime dependencies and transparent behavior.</p>
138+
</article>
139+
<article class="card">
140+
<h3>Developer-first by default</h3>
141+
<p>Built for practical release-time checks and fast local fix loops without forcing teams onto a heavier paid platform.</p>
142+
</article>
143+
</div>
144+
</section>
145+
146+
<section class="container" id="workflow">
147+
<h2>Three Workflow Modes</h2>
148+
<div class="grid three">
149+
<article class="card">
150+
<h3>1. Standard online scan</h3>
151+
<pre><code>cve-lite /path/to/project</code></pre>
152+
</article>
153+
<article class="card">
154+
<h3>2. Advisory DB sync</h3>
155+
<pre><code>cve-lite advisories sync</code></pre>
156+
</article>
157+
<article class="card">
158+
<h3>3. Offline local DB scan</h3>
159+
<pre><code>cve-lite /path/to/project --offline</code></pre>
160+
</article>
161+
</div>
162+
</section>
163+
164+
<section class="container speed-section" id="speed">
165+
<h2>Fix Loop Speed Matters</h2>
166+
<div class="grid two">
167+
<article class="card">
168+
<h3>CI-only flow is slow</h3>
169+
<p>Upgrade one package, push, wait for checks, inspect logs, then repeat for the next version target.</p>
170+
</article>
171+
<article class="card">
172+
<h3>CVE Lite local flow is faster</h3>
173+
<p>Scan locally, copy suggested command, re-run scan immediately, and keep iterating in the same session.</p>
174+
</article>
175+
</div>
176+
<div class="card">
177+
<h3>Why teams adopt it</h3>
178+
<p>
179+
The goal is not just finding vulnerabilities. It is shortening the time from finding to fixing, especially when one dependency
180+
path needs multiple incremental upgrades.
181+
</p>
182+
</div>
183+
</section>
184+
185+
<section class="container" id="links">
186+
<h2>Case Studies and Links</h2>
187+
<div class="grid two">
188+
<article class="card">
189+
<h3>Real-world case studies</h3>
190+
<p>See practical scan-fix-rescan workflows and remediation examples on large projects.</p>
191+
<p class="link-list">
192+
<a href="https://github.com/sonukapoor/cve-lite-cli/blob/main/docs/case-studies/owasp-juice-shop.md">OWASP Juice Shop</a>
193+
<a href="https://github.com/sonukapoor/cve-lite-cli/blob/main/docs/case-studies/nestjs.md">NestJS</a>
194+
</p>
195+
</article>
196+
<article class="card">
197+
<h3>GitHub Action</h3>
198+
<p>Use the reusable first-party action to run CVE Lite CLI in CI with minimal setup.</p>
199+
<p class="link-list">
200+
<a href="https://github.com/marketplace/actions/cve-lite-cli">GitHub Marketplace Listing</a>
201+
<a href="https://github.com/sonukapoor/cve-lite-cli#usage">Full CLI Usage in README</a>
202+
</p>
203+
</article>
204+
</div>
205+
</section>
206+
</main>
207+
208+
<footer class="container site-footer">
209+
<p>CVE Lite CLI is MIT licensed and built in public.</p>
210+
<p>Developed with love by <a href="https://sonukapoor.com">Sonu Kapoor</a>.</p>
211+
<p>
212+
<a href="https://github.com/sonukapoor/cve-lite-cli/issues">Open an issue</a>
213+
<span></span>
214+
<a href="https://github.com/sonukapoor/cve-lite-cli/blob/main/src/docs/CONTRIBUTING.md">Contributing</a>
215+
<span></span>
216+
<a href="https://github.com/sonukapoor/cve-lite-cli/blob/main/src/docs/SECURITY.md">Security</a>
217+
</p>
218+
</footer>
219+
<script>
220+
document.querySelectorAll(".copy-btn").forEach((btn) => {
221+
btn.addEventListener("click", async () => {
222+
const id = btn.getAttribute("data-copy-target");
223+
const code = id ? document.getElementById(id) : null;
224+
if (!code) return;
225+
try {
226+
await navigator.clipboard.writeText(code.textContent.trim());
227+
btn.setAttribute("data-tooltip", "Copied");
228+
btn.classList.add("copied");
229+
setTimeout(() => {
230+
btn.setAttribute("data-tooltip", "Copy command");
231+
btn.classList.remove("copied");
232+
}, 1200);
233+
} catch (_) {
234+
btn.setAttribute("data-tooltip", "Copy failed");
235+
setTimeout(() => {
236+
btn.setAttribute("data-tooltip", "Copy command");
237+
}, 1200);
238+
}
239+
});
240+
});
241+
</script>
242+
</body>
243+
</html>

0 commit comments

Comments
 (0)