Including npm packages in software development projects saves time, but it can introduce publicly known vulnerabilities that go unnoticed.
CVE Lite CLI is a lightweight command-line security scanner that operates on lockfiles during software development. It focuses on JavaScript and TypeScript files and is an OSV-powered dependency scanner that supports npm, pnpm and Yarn.
It is an open source tool developed by Sonu Kap...
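
To show what scanning a lockfile against OSV involves, the added example below (not CVE Lite CLI's own code) extracts the pinned packages from an npm `package-lock.json` (lockfileVersion 2 or 3) and builds the request body for OSV's batch query endpoint, `https://api.osv.dev/v1/querybatch`. The function names and the sample lockfile are constructed for illustration, and nothing is sent over the network.

```javascript
// Constructed sample lockfile (not taken from any real project).
const SAMPLE_LOCK = JSON.stringify({
  name: "demo-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/lodash": { version: "4.17.20" },
    "node_modules/@scope/util": { version: "2.1.0", dev: true },
    "node_modules/a/node_modules/lodash": { version: "4.17.20" },
    "node_modules/b/node_modules/lodash": { version: "3.10.1" },
    "node_modules/local-lib": { resolved: "packages/local-lib", link: true },
    "packages/local-lib": { version: "0.0.1" }
  }
});

// Hypothetical helper: unique name/version pairs pinned by the lockfile.
function lockfileToPackages(lockText) {
  const lock = JSON.parse(lockText);
  if (!lock.packages) {
    throw new Error("expected lockfileVersion 2 or 3 with a 'packages' map");
  }
  const marker = "node_modules/";
  const seen = new Map();
  for (const [path, entry] of Object.entries(lock.packages)) {
    const idx = path.lastIndexOf(marker);
    // Skip the root project, workspace source folders and symlinked workspaces.
    if (idx === -1 || entry.link || !entry.version) continue;
    // Aliased installs carry an explicit "name"; otherwise the name is the
    // path after the last "node_modules/" (this keeps "@scope/pkg" intact).
    const name = entry.name || path.slice(idx + marker.length);
    // Nested copies of the same version only need to be queried once.
    seen.set(`${name}@${entry.version}`, { name, version: entry.version });
  }
  return [...seen.values()];
}

// Hypothetical helper: request body in the shape /v1/querybatch expects.
function buildOsvBatch(pkgs) {
  return {
    queries: pkgs.map((p) => ({
      package: { name: p.name, ecosystem: "npm" },
      version: p.version
    }))
  };
}

console.log(JSON.stringify(buildOsvBatch(lockfileToPackages(SAMPLE_LOCK)), null, 2));
```

Both nested `lodash` versions are queried separately, because a vulnerable transitive copy matters even when the top-level version is patched.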
