docs: add Docusaurus pnpm monorepo case study #766
Signed-off-by: Ranimabidi <ranimabidiranabi@gmail.com>
Thanks for adding this case study. I think this needs a few fixes before merge:
| <p align="center"> | ||
|   <img src="https://docusaurus.io/img/docusaurus.png" alt="Docusaurus logo" width="200"/> |
The logo needs to be bundled locally rather than hotlinked to docusaurus.io. Download it to website/static/img/docusaurus-logo.png and update the src to /cve-lite-cli/img/docusaurus-logo.png - every existing case study follows this pattern, and an external URL can break if the asset moves.
| \## Comparison: CVE Lite CLI vs pnpm audit |
The section heading should be ## Comparison Note: CVE Lite CLI vs pnpm audit - the word "Note" is part of the required structure and all existing studies use it.
| \## Fix plan |
Two required sections are missing here. This should start with ## Before vs After - a table with the baseline row (14 findings) followed by at least one measured row showing the finding count after applying each fix command group. Then ## Fix Journey documents the sequential steps. The format requires you to apply each command group against a local Docusaurus clone, rescan after each pass, and record the new counts. Without those measured rows the study is baseline-only - it doesn't show the remediation actually worked.
| \## Remaining risk after fix plan |
## Remaining risk after fix plan is before ## Why this matters here, but the required order is ## Why this matters first, then ## Remaining risk after .... Please swap these two sections.
Signed-off-by: Ranimabidi <ranimabidiranabi@gmail.com>
Thanks for the fixes - the logo, heading, and Before/After table are all looking good now. Two structural things still to address before merge:
Signed-off-by: Ranimabidi <ranimabidiranabi@gmail.com>
Related to #596
What this adds
A verified baseline case study of running CVE Lite CLI v1.25.0 on Docusaurus
— a professionally maintained pnpm monorepo by Meta with 2,590 resolved packages.
Scan summary
Reproduction
git clone https://github.com/facebook/docusaurus
cd docusaurus
cve-lite . --verbose --all
Scanned on 2026-06-26 · CLI v1.25.0