Added
- CVE count now shown alongside package count in all output modes: terminal summary reads
✗ Found 26 packages (35 CVEs), compact output reads26 packages · 35 CVEs, verbose quick-take reads35 CVEs matched overall, and the HTML report gains a dedicated CVEs severity card alongside the Packages card. - npm-shrinkwrap.json support: the scanner now detects and parses
npm-shrinkwrap.jsonwith correct precedence overpackage-lock.jsonwhen both are present.
Fixed
security-events: writepermission added to the self-scan CI job so SARIF uploads succeed.
Docs
- Getting Started page title shortened and added to top nav.
- Ghost CMS case study added with full Before/After fix journey.
- Socket CLI comparison expanded with structured sections.
- README: strengthened hero differentiators, unique combination claim, and OWASP threading; added package manager logos section; added Press section with Help Net Security and Development Curated coverage.
- Website homepage: added "As seen in" press bar with Help Net Security and Development Curated logos.
- How It Works: added Vulnerability Data Sources section; removed redundant network-privacy doc.
Validation
- npm test
- npm run build