Merge pull request #226 from OWASP/docs/issue-225-owasp-logo

docs: add OWASP logo branding and screenshot showcase

Author: sonukapoor

README.md

@@ -1,5 +1,5 @@
 
-[![OWASP Incubator Project](https://img.shields.io/badge/OWASP-Incubator%20Project-F68B1F?logo=owasp)](https://owasp.org/cve-lite-cli)
+[![OWASP Incubator Project](https://img.shields.io/badge/OWASP-Incubator%20Project-48A646?logo=owasp)](https://owasp.org/cve-lite-cli)
 [![npm version](https://img.shields.io/npm/v/cve-lite-cli)](https://www.npmjs.com/package/cve-lite-cli)
 [![npm downloads](https://img.shields.io/npm/dm/cve-lite-cli)](https://www.npmjs.com/package/cve-lite-cli)
 [![CI](https://img.shields.io/github/actions/workflow/status/OWASP/cve-lite-cli/ci.yml?branch=main)](https://github.com/OWASP/cve-lite-cli/actions)
@@ -8,7 +8,9 @@
 [![Protected by CVE Lite CLI](https://img.shields.io/badge/Protected_by-CVE_Lite_CLI-brightgreen)](https://github.com/OWASP/cve-lite-cli)
 
 <div align="center">
-  <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/logo-with-title.png" alt="CVE Lite CLI" width="320"/>
+  <a href="https://owasp.org/cve-lite-cli">
+    <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/logos-combined.svg" alt="CVE Lite CLI — An OWASP Foundation Project" width="500"/>
+  </a>
 
   <h1>CVE Lite CLI</h1>
 
@@ -92,30 +94,37 @@ For detailed per-tool analysis, see [Comparison with other tools](docs/compariso
 
 ## What it looks like
 
-Default output on [OWASP Juice Shop](https://github.com/juice-shop/juice-shop):
-
-```bash
-git clone https://github.com/juice-shop/juice-shop.git
-cd juice-shop
-cve-lite .
-```
-
-<p align="center">
-  <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png">
-    <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png" alt="CVE Lite CLI default output" width="600"/>
-  </a>
-</p>
-
-Verbose output — includes the `Copy And Run These Fix Commands` section:
-
+<table>
+  <tr>
+    <th align="center">Terminal output</th>
+    <th align="center">HTML dashboard (<code>--report</code>)</th>
+  </tr>
+  <tr>
+    <td align="center">
+      <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png">
+        <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png" alt="CVE Lite CLI terminal output" width="440"/>
+      </a>
+    </td>
+    <td align="center">
+      <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png">
+        <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png" alt="CVE Lite CLI HTML dashboard" width="440"/>
+      </a>
+    </td>
+  </tr>
+  <tr>
+    <td align="center"><sub>Default scan output · <a href="docs/how-to-read-verbose-output.md">verbose output guide</a></sub></td>
+    <td align="center"><sub>Generated with <code>--report</code> · <a href="docs/html-report.md">HTML report guide</a></sub></td>
+  </tr>
+</table>
+
+<details>
+<summary>Verbose terminal output — includes the full fix plan</summary>
 <p align="center">
   <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-1.png"><img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-1.png" alt="Verbose output part 1" width="280"/></a>
   <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-2.png"><img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-2.png" alt="Verbose output part 2" width="280"/></a>
   <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-3.png"><img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-3.png" alt="Verbose output part 3" width="280"/></a>
 </p>
-<p align="center"><sub>Click any screenshot to enlarge</sub></p>
-
-For a section-by-section walkthrough, see [How to read verbose output](docs/how-to-read-verbose-output.md).
+</details>
 
 ## HTML vulnerability report (`--report`)
 
@@ -126,12 +135,6 @@ cve-lite /path/to/project --report
 cve-lite /path/to/project --report ./my-report --no-open
 ```
 
-<p align="center">
-  <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png">
-    <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png" alt="CVE Lite CLI HTML Report Dashboard" width="700"/>
-  </a>
-</p>
-
 See the [HTML Report guide](docs/html-report.md) for the full option reference and output details.
 
 ## Usage
@@ -238,7 +241,7 @@ CVE Lite CLI also uses itself in CI to scan its own dependencies. See [`self-sca
 
 For full CI patterns including offline workflows, git hooks, and scripted automation, see the [CI and Workflow Integration guide](docs/ci-integration.md).
 
-## OWASP project
+## Recognized by OWASP
 
 CVE Lite CLI is an [OWASP Incubator Project](https://owasp.org/cve-lite-cli), peer-reviewed and maintained under the Open Web Application Security Project Foundation. Being part of OWASP means:
 

assets/html-report-dashboard.png

@@ -51,7 +51,7 @@
       "description": "Free, local-first dependency vulnerability scanner for JavaScript and TypeScript projects. Scans npm, pnpm, Yarn, and Bun lockfiles, provides copy-and-run fix commands, and supports offline advisory DB scanning.",
       "url": "https://owasp.org/cve-lite-cli/",
       "downloadUrl": "https://www.npmjs.com/package/cve-lite-cli",
-      "softwareVersion": "1.8.0",
+      "softwareVersion": "1.9.0",
       "license": "https://github.com/OWASP/cve-lite-cli/blob/main/LICENSE",
       "releaseNotes": "https://github.com/OWASP/cve-lite-cli/releases",
       "codeRepository": "https://github.com/OWASP/cve-lite-cli",
@@ -97,14 +97,22 @@
     <section class="container hero">
       <div class="hero-copy">
         <div class="hero-logo">
-          <img
-            src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/logo-with-title-removebg-preview.png"
-            alt="CVE Lite CLI logo" />
+          <div class="logo-pair">
+            <img
+              src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/logo-with-title-removebg-preview.png"
+              alt="CVE Lite CLI" />
+            <span class="logo-plus">+</span>
+            <a href="https://owasp.org/cve-lite-cli" aria-label="An OWASP Foundation Project">
+              <img
+                src="https://policy.owasp.org/assets/images/OWASP_Logo_Black_TM.png"
+                alt="An OWASP Foundation Project" />
+            </a>
+          </div>
         </div>
-        <a class="release-badge" href="https://github.com/OWASP/cve-lite-cli/releases/tag/v1.8.0"
-          aria-label="Latest release v1.8.0">
+        <a class="release-badge" href="https://github.com/OWASP/cve-lite-cli/releases/tag/v1.9.0"
+          aria-label="Latest release v1.9.0">
           <span class="release-badge-label">Latest Release</span>
-          <span class="release-badge-version">v1.8.0</span>
+          <span class="release-badge-version">v1.9.0</span>
         </a>
         <p class="eyebrow">JavaScript/TypeScript Dependency Scanner &mdash; <a href="https://owasp.org/cve-lite-cli" style="color:inherit;text-decoration:underline">An OWASP Foundation Project</a></p>
         <h1>Scan. Understand. Fix.</h1>
@@ -146,9 +154,40 @@ <h1>Scan. Understand. Fix.</h1>
           </div>
         </div>
       </div>
-      <div class="hero-art" aria-hidden="true">
-        <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png"
-          alt="CVE Lite CLI output screenshot" />
+      <div class="hero-art">
+        <div class="preview-tabs" role="tablist">
+          <button class="preview-tab" role="tab" aria-selected="false" data-target="preview-terminal">Terminal</button>
+          <button class="preview-tab active" role="tab" aria-selected="true" data-target="preview-report">HTML Report</button>
+          <button class="preview-tab" role="tab" aria-selected="false" data-target="preview-verbose">Verbose</button>
+        </div>
+        <div class="preview-panel" id="preview-terminal">
+          <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png" target="_blank" rel="noopener" class="preview-link">
+            <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/default-output.png"
+              alt="CVE Lite CLI terminal output" />
+          </a>
+        </div>
+        <div class="preview-panel active" id="preview-report">
+          <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png" target="_blank" rel="noopener" class="preview-link">
+            <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/html-report-dashboard.png"
+              alt="CVE Lite CLI HTML report dashboard" />
+          </a>
+        </div>
+        <div class="preview-panel" id="preview-verbose">
+          <div class="preview-verbose-grid">
+            <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-1.png" target="_blank" rel="noopener" class="preview-link">
+              <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-1.png"
+                alt="Verbose output — fix plan" />
+            </a>
+            <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-2.png" target="_blank" rel="noopener" class="preview-link">
+              <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-2.png"
+                alt="Verbose output — findings table" />
+            </a>
+            <a href="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-3.png" target="_blank" rel="noopener" class="preview-link">
+              <img src="https://raw.githubusercontent.com/OWASP/cve-lite-cli/main/assets/verbose-output-3.png"
+                alt="Verbose output — dependency paths" />
+            </a>
+          </div>
+        </div>
       </div>
     </section>
 
@@ -355,7 +394,7 @@ <h3>Trust and support</h3>
 
   <footer class="container site-footer">
     <p>CVE Lite CLI is MIT licensed and built in public. <a href="https://owasp.org/cve-lite-cli">An OWASP Foundation Project</a>.</p>
-    <p>Latest: <a href="https://github.com/OWASP/cve-lite-cli/releases/tag/v1.8.0">v1.8.0</a></p>
+    <p>Latest: <a href="https://github.com/OWASP/cve-lite-cli/releases/tag/v1.9.0">v1.9.0</a></p>
     <p>Developed with love by <a href="https://sonukapoor.com">Sonu Kapoor</a>.</p>
     <p>
       <a href="https://github.com/OWASP/cve-lite-cli/issues">Open an issue</a>
@@ -366,6 +405,17 @@ <h3>Trust and support</h3>
     </p>
   </footer>
   <script>
+    document.querySelectorAll(".preview-tab").forEach((tab) => {
+      tab.addEventListener("click", () => {
+        document.querySelectorAll(".preview-tab").forEach(t => { t.classList.remove("active"); t.setAttribute("aria-selected", "false"); });
+        document.querySelectorAll(".preview-panel").forEach(p => p.classList.remove("active"));
+        tab.classList.add("active");
+        tab.setAttribute("aria-selected", "true");
+        const target = tab.getAttribute("data-target");
+        if (target) document.getElementById(target)?.classList.add("active");
+      });
+    });
+
     document.querySelectorAll(".copy-btn").forEach((btn) => {
       btn.addEventListener("click", async () => {
         const id = btn.getAttribute("data-copy-target");

assets/logos-combined.svg

@@ -124,6 +124,64 @@ nav a:hover {
   opacity: 1;
 }
 
+.owasp-banner {
+  background: linear-gradient(90deg, rgba(246, 139, 31, 0.08) 0%, rgba(246, 139, 31, 0.04) 100%);
+  border-top: 1px solid rgba(246, 139, 31, 0.25);
+  border-bottom: 1px solid rgba(246, 139, 31, 0.25);
+  padding: 0.9rem 0;
+}
+
+.owasp-banner-inner {
+  display: flex;
+  align-items: center;
+}
+
+.owasp-banner-link {
+  display: flex;
+  align-items: center;
+  gap: 1.1rem;
+  text-decoration: none;
+  width: 100%;
+}
+
+.owasp-banner-link:hover .owasp-banner-cta {
+  color: #F68B1F;
+}
+
+.owasp-banner-logo {
+  height: 32px;
+  width: auto;
+  background: white;
+  border-radius: 5px;
+  padding: 4px 8px;
+  flex-shrink: 0;
+}
+
+.owasp-banner-text {
+  display: flex;
+  flex-direction: column;
+  gap: 0.1rem;
+  flex: 1;
+}
+
+.owasp-banner-text strong {
+  font-size: 0.9rem;
+  color: #F68B1F;
+}
+
+.owasp-banner-text span {
+  font-size: 0.78rem;
+  color: var(--muted);
+}
+
+.owasp-banner-cta {
+  font-size: 0.78rem;
+  color: rgba(246, 139, 31, 0.7);
+  white-space: nowrap;
+  flex-shrink: 0;
+  transition: color 0.15s;
+}
+
 .hero {
   padding: 3.5rem 0 1.5rem;
   display: grid;
@@ -136,14 +194,34 @@ nav a:hover {
   margin-bottom: 0.7rem;
 }
 
-.hero-logo img {
-  width: min(330px, 88%);
-  height: auto;
-  border-radius: 0.9rem;
+.logo-pair {
+  display: inline-flex;
+  align-items: center;
+  gap: 14px;
   background: white;
+  border-radius: 0.9rem;
+  padding: 14px 22px;
   box-shadow: 0 10px 26px rgba(0, 0, 0, 0.22);
 }
 
+.logo-pair img {
+  height: 56px;
+  width: auto;
+}
+
+.logo-pair a {
+  display: flex;
+  align-items: center;
+}
+
+.logo-plus {
+  font-size: 26px;
+  font-weight: 700;
+  color: #94a3b8;
+  line-height: 1;
+  user-select: none;
+}
+
 .release-badge {
   display: inline-flex;
   align-items: center;
@@ -271,6 +349,62 @@ p {
   box-shadow: var(--shadow);
 }
 
+.preview-tabs {
+  display: flex;
+  gap: 0.4rem;
+  margin-bottom: 0.65rem;
+}
+
+.preview-tab {
+  background: transparent;
+  border: 1px solid rgba(183, 212, 255, 0.2);
+  border-radius: 6px;
+  color: #8b949e;
+  cursor: pointer;
+  font-size: 0.78rem;
+  font-weight: 600;
+  padding: 0.3rem 0.85rem;
+  transition: color 0.15s, border-color 0.15s, background 0.15s;
+}
+
+.preview-tab:hover {
+  color: #e6edf3;
+  border-color: rgba(183, 212, 255, 0.45);
+}
+
+.preview-tab.active {
+  background: rgba(87, 245, 159, 0.08);
+  border-color: #57f59f;
+  color: #57f59f;
+}
+
+.preview-panel {
+  display: none;
+}
+
+.preview-panel.active {
+  display: block;
+}
+
+.preview-verbose-grid {
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
+}
+
+.preview-link {
+  display: block;
+  cursor: zoom-in;
+}
+
+.preview-link img {
+  transition: opacity 0.15s;
+}
+
+.preview-link:hover img {
+  opacity: 0.88;
+}
+
 .grid {
   display: grid;
   gap: 0.95rem;