@hnpsaga/vulnerascan
v0.0.2
Published
Developer-first vulnerability scanner for modern software projects.
Maintainers
Readme
VulneraScan
Developer-first vulnerability scanner for modern software projects.
Status
🔨 v0.0.1 — Foundation
The CLI framework, tooling, and repository standards are in place. Vulnerability scanning functionality is coming in v0.0.2.
Installation
npm install -g @hnpsaga/vulnerascanor run without installing:
npx @hnpsaga/vulnerascan --helpCommands
| Command | Description |
| --------------------- | --------------------------------------------- |
| vulnerascan | Display help information |
| vulnerascan version | Print the current version |
| vulnerascan doctor | Check environment health and configuration |
| vulnerascan scan | Scan for vulnerabilities (coming in v0.0.2) |
vulnerascan version
VulneraScan v0.0.1vulnerascan doctor
Checks your environment and creates the configuration directory if missing:
Running VulneraScan doctor checks...
✔ Node version (v20.0.0 (minimum: v18))
✔ Platform (linux)
✔ CLI installed (vulnerascan is reachable)
✔ Configuration directory accessible (~/.vulnerascan)
All checks passed. VulneraScan is ready.vulnerascan scan
Scanning functionality coming in v0.0.2Development Status
| Version | Phase | Status | | ------- | ----------------- | -------------- | | v0.0.1 | Foundation | 🔨 In Progress | | v0.0.2 | Project Discovery | 📋 Planned | | v0.0.3 | Dependency Graph | 📋 Planned | | v0.1.0 | Stable CLI | 📋 Planned | | v0.2.0 | Local Dashboard | 📋 Planned | | v0.3.0 | AI Remediation | 📋 Planned |
See the full Roadmap for details.
Planned Features
- 🔍 Dependency discovery across multiple ecosystems
- 📊 Dependency graph generation
- 🛡️ Vulnerability detection via OSV, NVD, and GitHub Advisories
- 🌍 Multi-language support (Node.js, Python, Maven, Gradle)
- 🤖 AI-assisted remediation insights (BYOK)
- 🖥️ Local security dashboard
Contributing
We welcome contributions! Please read CONTRIBUTING.md for guidelines on branch naming, commit conventions, and the PR process.
Security
To report a security vulnerability, please follow the responsible disclosure process. Do not open public GitHub issues for security reports.
License
MIT — see LICENSE for details.
