Merge pull request #150 from sonukapoor/release/v1.5.2

sonukapoor · web-flow · commit c57ea4c9f37e · 2026-04-10T19:48:41.000-04:00
chore: prepare 1.5.2 release
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,18 @@
 
 All notable changes to CVE Lite CLI will be documented in this file.
 
+## [1.5.2] - 2026-04-10
+
+### Added
+- scoped `--fix` mode for validated direct dependency remediation with package-manager-native apply behavior
+- automatic rescan after successful `--fix` apply and concise fix summary output (applied fixes, skipped findings, remaining severity mix)
+- dedicated `--fix` documentation guide and refreshed website/README guidance
+- Juice Shop case-study evidence for `--fix` workflow output
+
+### Changed
+- CLI now includes explicit `--fix` help output and improved fix-phase progress messaging
+- README comparison table now includes an explicit auto-fix support column with caveated tool-by-tool notes
+
 ## [1.5.1] - 2026-04-10
 
 ### Changed
diff --git a/docs/index.html b/docs/index.html
@@ -41,9 +41,9 @@
           <div class="hero-logo">
             <img src="https://raw.githubusercontent.com/sonukapoor/cve-lite-cli/main/assets/logo-with-title-removebg-preview.png" alt="CVE Lite CLI logo" />
           </div>
-          <a class="release-badge" href="https://github.com/sonukapoor/cve-lite-cli/releases/tag/v1.5.1" aria-label="Latest release v1.5.1">
+          <a class="release-badge" href="https://github.com/sonukapoor/cve-lite-cli/releases/tag/v1.5.2" aria-label="Latest release v1.5.2">
             <span class="release-badge-label">Latest Release</span>
-            <span class="release-badge-version">v1.5.1</span>
+            <span class="release-badge-version">v1.5.2</span>
           </a>
           <p class="eyebrow">JavaScript/TypeScript Dependency Scanner</p>
           <h1>Scan. Prioritize. Fix.</h1>
@@ -220,7 +220,7 @@ <h3>GitHub Action</h3>
 
     <footer class="container site-footer">
       <p>CVE Lite CLI is MIT licensed and built in public.</p>
-      <p>Latest: <a href="https://github.com/sonukapoor/cve-lite-cli/releases/tag/v1.5.1">v1.5.1</a></p>
+      <p>Latest: <a href="https://github.com/sonukapoor/cve-lite-cli/releases/tag/v1.5.2">v1.5.2</a></p>
       <p>Developed with love by <a href="https://sonukapoor.com">Sonu Kapoor</a>.</p>
       <p>
         <a href="https://github.com/sonukapoor/cve-lite-cli/issues">Open an issue</a>
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cve-lite-cli",
-  "version": "1.5.1",
+  "version": "1.5.2",
   "description": "Developer-friendly CLI for scanning JS/TS projects for dependency vulnerabilities using local lockfiles and OSV",
   "type": "module",
   "bin": {

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "cve-lite-cli",`
`3`		`- "version": "1.5.1",`
	`3`	`+ "version": "1.5.2",`
`4`	`4`	`"description": "Developer-friendly CLI for scanning JS/TS projects for dependency vulnerabilities using local lockfiles and OSV",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"bin": {`