Skip to content

OWASP/cve-lite-cli

v1.1.1 Feature

This release adds 2 notable features for engineering teams evaluating rollout.

Published 2mo Vulnerability Scanning
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

security cve javascript nodejs owasp security-tools

Summary

AI summary

Advisory sync performance improved ~9.9x and stale-data warnings added for offline scans.

Full changelog

Added

  • advisory DB freshness reporting during offline scans
  • stale-data warnings when the local advisory DB appears old or is missing sync metadata

Changed

  • significantly improved advisory sync performance through bulk SQLite ingestion optimizations
  • local advisory DB sync is now about 9.9x faster in our benchmark on the same machine and OSV npm dump
  • README now includes the advisory sync benchmark and updated offline freshness guidance

Benchmark

Local benchmark on the same machine using the same OSV npm dump:

  • advisory records: about 217,065
  • before: 87.53s real
  • after: 8.84s real

Example workflow

cve-lite advisories sync
cve-lite /path/to/project --offline

Or with an explicit DB path:

cve-lite advisories sync --output /path/to/advisories.db
cve-lite /path/to/project --offline-db /path/to/advisories.db
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track OWASP/cve-lite-cli

Get notified when new releases ship.

Sign up free

About OWASP/cve-lite-cli

All releases →

Related context

Beta — feedback welcome: [email protected]