diff --git a/README.md b/README.md index 9d6132d008d..c417c55fed1 100644 --- a/README.md +++ b/README.md @@ -48,7 +48,10 @@ Please note: These are the instructions for the latest OSV-Scanner V2 beta. If y ### [Scanning a source directory](https://google.github.io/osv-scanner/usage) -`osv-scanner scan source -r /path/to/your/dir` +```bash +$ osv-scanner scan source -r /path/to/your/dir +``` + This command will recursively scan the specified directory for any supported package files, such as `package.json`, `go.mod`, `pom.xml`, etc. and output any discovered vulnerabilities. OSV-Scanner has the option of using call analysis to determine if a vulnerable function is actually being used in the project, resulting in fewer false positives, and actionable alerts. @@ -74,7 +77,9 @@ See the [full documentation](https://google.github.io/osv-scanner/supported-lang **Usage**: -`$ osv-scanner scan image my-image-name:tag` +```bash +$ osv-scanner scan image my-image-name:tag +``` ![screencast of html output of container scanning](https://github.com/user-attachments/assets/8bb95366-27ec-45d1-86ed-e42890f2fb46) @@ -82,17 +87,23 @@ See the [full documentation](https://google.github.io/osv-scanner/supported-lang Check your dependencies' licenses using deps.dev data. For a summary: -`osv-scanner --experimental-licenses-summary path/to/repository` +```bash +osv-scanner --experimental-licenses-summary path/to/repository +``` To check against an allowed license list (SPDX format): -`osv-scanner --experimental-licenses="MIT,Apache-2.0" path/to/directory` +```bash +osv-scanner --experimental-licenses="MIT,Apache-2.0" path/to/directory +``` ### [Offline Scanning](https://google.github.io/osv-scanner/experimental/offline-mode/) (Experimental) Scan your project against a local OSV database. No network connection is required after the initial database download. The database can also be manually downloaded. -`osv-scanner --experimental-offline --experimental-download-offline-databases ./path/to/your/dir` +```bash +osv-scanner --experimental-offline --experimental-download-offline-databases ./path/to/your/dir +``` ### [Guided Remediation](https://google.github.io/osv-scanner/experimental/guided-remediation/) (Experimental) @@ -109,11 +120,23 @@ This is available as a headless CLI command, as well as an interactive mode. #### Example (for npm) -`$ osv-scanner fix \--max-depth=3 \--min-severity=5 \--ignore-dev \--non-interactive \--strategy=in-place \-L path/to/package-lock.json` +```bash +$ osv-scanner fix \ + --max-depth=3 \ + --min-severity=5 \ + --ignore-dev \ + --non-interactive \ + --strategy=in-place \ + -L path/to/package-lock.json +``` #### Interactive mode (for npm) -`$ osv-scanner fix -M path/to/package.json -L path/to/package-lock.json ` +```bash +$ osv-scanner fix \ + -M path/to/package.json \ + -L path/to/package-lock.json +``` Screenshot of the interactive relock results screen with some relaxation patches selected diff --git a/docs/_sass/custom/custom.scss b/docs/_sass/custom/custom.scss index d8ec9635e37..2e5f83345e0 100644 --- a/docs/_sass/custom/custom.scss +++ b/docs/_sass/custom/custom.scss @@ -32,3 +32,7 @@ table { border-bottom-width: 2px; } } + +.site-title { + padding-top: 15px !important; +} diff --git a/docs/assets/icon.png b/docs/assets/icon.png index eab28230dcb..613532481bd 100644 Binary files a/docs/assets/icon.png and b/docs/assets/icon.png differ diff --git a/docs/assets/logo-dark.png b/docs/assets/logo-dark.png index 9cacba51706..16ceaf3e752 100644 Binary files a/docs/assets/logo-dark.png and b/docs/assets/logo-dark.png differ diff --git a/docs/assets/logo.png b/docs/assets/logo.png index 1153c5324fb..44a33ebd5c4 100644 Binary files a/docs/assets/logo.png and b/docs/assets/logo.png differ diff --git a/docs/images/osv-full-darkmode.png b/docs/images/osv-full-darkmode.png new file mode 100644 index 00000000000..16ceaf3e752 Binary files /dev/null and b/docs/images/osv-full-darkmode.png differ diff --git a/docs/images/osv-full-lightmode.png b/docs/images/osv-full-lightmode.png new file mode 100644 index 00000000000..44a33ebd5c4 Binary files /dev/null and b/docs/images/osv-full-lightmode.png differ