CVE Lite CLI
I Ran OWASP CVE Lite CLI on a Real TypeScript App. Here's What It Actually Told Me.
Most dependency scanners are good at one thing: handing you a wall of CVE IDs and walking away. You get the what's broken. What you almost never get is the what do I run to fix it — the part you actually have to figure out yourself at 11pm