@lateos/npm-scan 1.0.0 → 1.1.1

package/README.de.md

@@ -9,8 +9,8 @@
 [![npm version](https://img.shields.io/npm/v/@lateos/npm-scan?style=flat-square)](https://www.npmjs.com/package/@lateos/npm-scan)
 [![License](https://img.shields.io/badge/license-Apache%202.0%20%2B%20Commons%20Clause-blue?style=flat-square)](LICENSING.md)
 [![Node](https://img.shields.io/badge/node-%3E%3D18-brightgreen?style=flat-square)](package.json)
-[![Tests](https://img.shields.io/badge/tests-459%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
-[![Coverage](https://img.shields.io/badge/coverage-85%25-yellowgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Tests](https://img.shields.io/badge/tests-696%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Coverage](https://img.shields.io/badge/coverage-90%25-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Docker](https://img.shields.io/badge/docker-lateos%2Fnpm--scan-2496ED?style=flat-square&logo=docker)](https://hub.docker.com/r/lateos/npm-scan)
 [![Sigstore](https://img.shields.io/static/v1?label=Sigstore&message=Provenance&color=green&style=flat-square&logo=sigstore)](https://github.com/lateos-ai/npm-scan/actions/workflows/publish.yml)
 
@@ -485,102 +485,6 @@ npm-scan report --html > report.html
 
 ### Docker
 
-Siehe den obigen [Docker-Schnellstart-Abschnitt](#-lateosnpm-scan-überall-mit-docker-ausführen--keine-installation) für Pull-Befehle, Compose-Pipeline und Multi-Arch-Images.
-
-Scannen Sie die `package-lock.json` Ihres Projekts bei jedem PR — erkennt Typosquatting, obfuskierte Payloads, Credential-Stealer und Wurmverbreitung, bevor sie die Produktion erreichen:
-
-```yaml
-# .github/workflows/scan.yml
-name: npm-scan
-on:
-  pull_request:
-    paths:
-      - 'package-lock.json'
-      - '**/package.json'
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: 20
-    - name: Scan lockfile
-      uses: lateos/npm-scan@v1
-      with:
-        scan-type: lockfile
-        fail-on: high
-```
-
-#### Action-Eingaben
-
-| Eingabe | Standard | Beschreibung |
-|-------|---------|-------------|
-| `scan-type` | `lockfile` | `lockfile` zum Scannen von `package-lock.json` oder `package` zum Scannen eines bestimmten npm-Pakets |
-| `package` | — | Paketname (erforderlich bei `scan-type=package`) |
-| `fail-on` | `high` | Workflow bei diesem Schweregrad-Schwellwert fehlschlagen lassen: `none`, `low`, `medium`, `high`, `critical` |
-| `policy-file` | — | Pfad zu einer YAML/JSON-Policy-Datei für Whitelists, Schweregrad-Überschreibungen und Unterdrückungen |
-| `license-key` | — | Premium-Lizenzschlüssel für SIEM-Export und PDF-Berichte |
-| `siem-format` | — | SIEM-Ausgabe: `cef`, `ecs`, `sentinel`, `qradar` (Premium) |
-| `sbom-format` | — | SBOM-Ausgabe: `json`, `xml`, `spdx` |
-
-#### Action-Ausgaben
-
-| Ausgabe | Beschreibung |
-|--------|-------------|
-| `findings-count` | Anzahl der erkannten Ergebnisse |
-| `scan-id` | Scan-ID für spätere Referenz in Berichten |
-
-#### Beispiel: Bestimmtes Paket mit Policy + SBOM scannen
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: package
-    package: lodash
-    policy-file: .npm-scan.yml
-    sbom-format: spdx
-    fail-on: critical
-```
-
-#### Beispiel: Mit SIEM-Export scannen (Premium)
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: lockfile
-    siem-format: cef
-    license-key: ${{ secrets.NPM_SCAN_LICENSE_KEY }}
-```
-
-### CI/CD-Pipeline
-
-Direkte Integration in Ihre bestehende Pipeline ohne die Composite-Action:
-
-```bash
-# Lock-Datei scannen, Build bei hohem Schweregrad fehlschlagen lassen
-npm-scan scan-lockfile --policy .npm-scan.yml || exit 1
-
-# Bestimmtes Paket scannen, nur bei kritisch fehlschlagen
-npm-scan scan lodash --policy .npm-scan.yml || exit 1
-
-# SBOM als Build-Artefakt generieren
-npm-scan scan express --sbom spdx > express-sbom.spdx.json
-
-# HTML-Compliance-Bericht in CI generieren
-npm-scan report --html > report.html
-
-# Bericht als Artefakt hochladen
-# uses: actions/upload-artifact@v4
-#   with:
-#     name: npm-scan-report
-#     path: report.html
-```
-
-### Docker
-
-Siehe den obigen [Docker-Schnellstart-Abschnitt](#-lateosnpm-scan-überall-mit-docker-ausführen--keine-installation) für Pull-Befehle, Compose-Pipeline und Multi-Arch-Images.
-
 ---
 
 ## 🗺️ Roadmap und Enterprise-Funktionen
@@ -706,4 +610,5 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
 ```bash
 npx @lateos/npm-scan scan lodash
+```
 ```

package/README.fr.md

@@ -9,8 +9,8 @@
 [![npm version](https://img.shields.io/npm/v/@lateos/npm-scan?style=flat-square)](https://www.npmjs.com/package/@lateos/npm-scan)
 [![License](https://img.shields.io/badge/license-Apache%202.0%20%2B%20Commons%20Clause-blue?style=flat-square)](LICENSING.md)
 [![Node](https://img.shields.io/badge/node-%3E%3D18-brightgreen?style=flat-square)](package.json)
-[![Tests](https://img.shields.io/badge/tests-459%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
-[![Coverage](https://img.shields.io/badge/coverage-85%25-yellowgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Tests](https://img.shields.io/badge/tests-696%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Coverage](https://img.shields.io/badge/coverage-90%25-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Docker](https://img.shields.io/badge/docker-lateos%2Fnpm--scan-2496ED?style=flat-square&logo=docker)](https://hub.docker.com/r/lateos/npm-scan)
 [![Sigstore](https://img.shields.io/static/v1?label=Sigstore&message=Provenance&color=green&style=flat-square&logo=sigstore)](https://github.com/lateos-ai/npm-scan/actions/workflows/publish.yml)
 
@@ -485,102 +485,6 @@ npm-scan report --html > report.html
 
 ### Docker
 
-Voir la [section Démarrage rapide Docker](#-exécutez-lateosnpm-scan-partout-avec-docker--zéro-installation) ci-dessus pour les commandes de tirage, le pipeline Compose et les images multi-arch.
-
-Scannez le `package-lock.json` de votre projet à chaque PR — détecte les typosquattings, les charges utiles obfusquées, les voleurs d'identifiants et la propagation de ver avant qu'ils n'atteignent la production :
-
-```yaml
-# .github/workflows/scan.yml
-name: npm-scan
-on:
-  pull_request:
-    paths:
-      - 'package-lock.json'
-      - '**/package.json'
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: 20
-    - name: Scan lockfile
-      uses: lateos/npm-scan@v1
-      with:
-        scan-type: lockfile
-        fail-on: high
-```
-
-#### Entrées de l'action
-
-| Entrée | Défaut | Description |
-|-------|---------|-------------|
-| `scan-type` | `lockfile` | `lockfile` pour scanner `package-lock.json` ou `package` pour scanner un paquet npm spécifique |
-| `package` | — | Nom du paquet (requis quand `scan-type=package`) |
-| `fail-on` | `high` | Faire échouer le workflow à ce seuil de sévérité : `none`, `low`, `medium`, `high`, `critical` |
-| `policy-file` | — | Chemin vers un fichier de politique YAML/JSON pour listes blanches, surcharges de sévérité et suppressions |
-| `license-key` | — | Clé de licence premium pour l'export SIEM et les rapports PDF |
-| `siem-format` | — | Sortie SIEM : `cef`, `ecs`, `sentinel`, `qradar` (premium) |
-| `sbom-format` | — | Sortie SBOM : `json`, `xml`, `spdx` |
-
-#### Sorties de l'action
-
-| Sortie | Description |
-|--------|-------------|
-| `findings-count` | Nombre de résultats détectés |
-| `scan-id` | ID du scan pour référence ultérieure dans les rapports |
-
-#### Exemple : scanner un paquet spécifique avec politique + SBOM
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: package
-    package: lodash
-    policy-file: .npm-scan.yml
-    sbom-format: spdx
-    fail-on: critical
-```
-
-#### Exemple : scanner avec export SIEM (premium)
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: lockfile
-    siem-format: cef
-    license-key: ${{ secrets.NPM_SCAN_LICENSE_KEY }}
-```
-
-### Pipeline CI/CD
-
-Intégrez directement dans votre pipeline existant sans l'action composite :
-
-```bash
-# Scanner le fichier de verrouillage, échouer le build en sévérité élevée
-npm-scan scan-lockfile --policy .npm-scan.yml || exit 1
-
-# Scanner un paquet spécifique, échouer seulement sur critique
-npm-scan scan lodash --policy .npm-scan.yml || exit 1
-
-# Générer un SBOM comme artefact de build
-npm-scan scan express --sbom spdx > express-sbom.spdx.json
-
-# Générer un rapport de conformité HTML dans le CI
-npm-scan report --html > report.html
-
-# Télécharger le rapport comme artefact
-# uses: actions/upload-artifact@v4
-#   with:
-#     name: npm-scan-report
-#     path: report.html
-```
-
-### Docker
-
-Voir la [section Démarrage rapide Docker](#-exécutez-lateosnpm-scan-partout-avec-docker--zéro-installation) ci-dessus pour les commandes de tirage, le pipeline Compose et les images multi-arch.
-
 ---
 
 ## 🗺️ Feuille de route et fonctionnalités Enterprise
@@ -706,4 +610,5 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
 ```bash
 npx @lateos/npm-scan scan lodash
+```
 ```

package/README.ja.md

@@ -9,8 +9,8 @@
 [![npm version](https://img.shields.io/npm/v/@lateos/npm-scan?style=flat-square)](https://www.npmjs.com/package/@lateos/npm-scan)
 [![License](https://img.shields.io/badge/license-Apache%202.0%20%2B%20Commons%20Clause-blue?style=flat-square)](LICENSING.md)
 [![Node](https://img.shields.io/badge/node-%3E%3D18-brightgreen?style=flat-square)](package.json)
-[![Tests](https://img.shields.io/badge/tests-459%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
-[![Coverage](https://img.shields.io/badge/coverage-85%25-yellowgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Tests](https://img.shields.io/badge/tests-696%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Coverage](https://img.shields.io/badge/coverage-90%25-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Docker](https://img.shields.io/badge/docker-lateos%2Fnpm--scan-2496ED?style=flat-square&logo=docker)](https://hub.docker.com/r/lateos/npm-scan)
 [![Sigstore](https://img.shields.io/static/v1?label=Sigstore&message=Provenance&color=green&style=flat-square&logo=sigstore)](https://github.com/lateos-ai/npm-scan/actions/workflows/publish.yml)
 
@@ -481,102 +481,6 @@ npm-scan report --html > report.html
 
 ### Docker
 
-上記の[Dockerクイックスタート](#-dockerでlateosnpm-scanをどこでも実行--インストール不要)セクションを参照してください。プルコマンド、Composeパイプライン、マルチアーキテクチャイメージについて説明しています。
-
-すべてのPRでプロジェクトの`package-lock.json`をスキャン——タイポスクワッティング、難読化ペイロード、認証情報窃取ツール、ワーム伝播を本番環境に到達する前に検出：
-
-```yaml
-# .github/workflows/scan.yml
-name: npm-scan
-on:
-  pull_request:
-    paths:
-      - 'package-lock.json'
-      - '**/package.json'
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: 20
-    - name: Scan lockfile
-      uses: lateos/npm-scan@v1
-      with:
-        scan-type: lockfile
-        fail-on: high
-```
-
-#### Action入力
-
-| 入力 | デフォルト | 説明 |
-|-------|---------|-------------|
-| `scan-type` | `lockfile` | `lockfile`は`package-lock.json`をスキャン、`package`は特定のnpmパッケージをスキャン |
-| `package` | — | パッケージ名（`scan-type=package`時に必須） |
-| `fail-on` | `high` | この重要度しきい値でワークフローを失敗させる：`none`、`low`、`medium`、`high`、`critical` |
-| `policy-file` | — | 許可リスト、重要度上書き、抑制用のYAML/JSONポリシーファイルへのパス |
-| `license-key` | — | SIEMエクスポートとPDFレポート用のプレミアムライセンスキー |
-| `siem-format` | — | SIEM出力：`cef`、`ecs`、`sentinel`、`qradar`（プレミアム） |
-| `sbom-format` | — | SBOM出力：`json`、`xml`、`spdx` |
-
-#### Action出力
-
-| 出力 | 説明 |
-|--------|-------------|
-| `findings-count` | 検出された発見項目の数 |
-| `scan-id` | 後でレポートで参照するためのスキャンID |
-
-#### 例：ポリシー＋SBOMで特定パッケージをスキャン
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: package
-    package: lodash
-    policy-file: .npm-scan.yml
-    sbom-format: spdx
-    fail-on: critical
-```
-
-#### 例：SIEMエクスポートでスキャン（プレミアム）
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: lockfile
-    siem-format: cef
-    license-key: ${{ secrets.NPM_SCAN_LICENSE_KEY }}
-```
-
-### CI/CDパイプライン
-
-複合アクションを使わずに既存のパイプラインに直接統合：
-
-```bash
-# ロックファイルをスキャン、高重要度でビルドを失敗
-npm-scan scan-lockfile --policy .npm-scan.yml || exit 1
-
-# 特定のパッケージをスキャン、クリティカルのみで失敗
-npm-scan scan lodash --policy .npm-scan.yml || exit 1
-
-# SBOMをビルドアーティファクトとして生成
-npm-scan scan express --sbom spdx > express-sbom.spdx.json
-
-# CIでHTMLコンプライアンスレポートを生成
-npm-scan report --html > report.html
-
-# レポートをアーティファクトとしてアップロード
-# uses: actions/upload-artifact@v4
-#   with:
-#     name: npm-scan-report
-#     path: report.html
-```
-
-### Docker
-
-上記の[Dockerクイックスタート](#-dockerでlateosnpm-scanをどこでも実行--インストール不要)セクションを参照してください。プルコマンド、Composeパイプライン、マルチアーキテクチャイメージについて説明しています。
-
 ---
 
 ## 🗺️ ロードマップとエンタープライズ機能
@@ -702,4 +606,5 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
 ```bash
 npx @lateos/npm-scan scan lodash
+```
 ```

package/README.md

@@ -3,7 +3,7 @@
 [![npm version](https://img.shields.io/npm/v/@lateos/npm-scan?style=flat-square)](https://www.npmjs.com/package/@lateos/npm-scan)
 [![License](https://img.shields.io/badge/license-Apache%202.0%20%2B%20Commons%20Clause-blue?style=flat-square)](LICENSING.md)
 [![Node](https://img.shields.io/badge/node-%3E%3D18-brightgreen?style=flat-square)](package.json)
-[![Tests](https://img.shields.io/badge/tests-536%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Tests](https://img.shields.io/badge/tests-696%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Coverage](https://img.shields.io/badge/coverage-90%25-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Docker](https://img.shields.io/badge/docker-lateos%2Fnpm--scan-2496ED?style=flat-square&logo=docker)](https://hub.docker.com/r/lateos/npm-scan)
 [![Sigstore](https://img.shields.io/static/v1?label=Sigstore&message=Provenance&color=green&style=flat-square&logo=sigstore)](https://github.com/lateos-ai/npm-scan/actions/workflows/publish.yml)
@@ -596,126 +596,6 @@ npm-scan report --html > report.html
 
 See the [Docker quick-start section](#-run-lateosnpm-scan-anywhere-with-docker--zero-installation) above for pull commands, Compose pipeline, and multi-arch images.
 
-Scan your project's `package-lock.json` on every PR — detects typosquats, obfuscated payloads, credential harvesters, and worm propagation before they reach production:
-
-```yaml
-# .github/workflows/scan.yml
-name: npm-scan
-on:
-  pull_request:
-    paths:
-      - 'package-lock.json'
-      - '**/package.json'
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: 20
-    - name: Scan lockfile
-      uses: lateos/npm-scan@v1
-      with:
-        scan-type: lockfile
-        fail-on: high
-```
-
-#### Action inputs
-
-| Input | Default | Description |
-|-------|---------|-------------|
-| `scan-type` | `lockfile` | `lockfile` to scan `package-lock.json` or `package` to scan a specific npm package |
-| `package` | — | Package name (required when `scan-type=package`) |
-| `fail-on` | `high` | Fail the workflow at this severity threshold: `none`, `low`, `medium`, `high`, `critical` |
-| `policy-file` | — | Path to a YAML/JSON policy file for allowlists, severity overrides, and suppressions |
-| `license-key` | — | Premium license key for SIEM export and PDF reports |
-| `siem-format` | — | SIEM output: `cef`, `ecs`, `sentinel`, `qradar` (premium) |
-| `sbom-format` | — | SBOM output: `json`, `xml`, `spdx` |
-
-#### Action outputs
-
-| Output | Description |
-|--------|-------------|
-| `findings-count` | Number of findings detected |
-| `scan-id` | Scan ID for later reference in reports |
-
-#### Example: scan a specific package with policy + SBOM
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: package
-    package: lodash
-    policy-file: .npm-scan.yml
-    sbom-format: spdx
-    fail-on: critical
-```
-
-#### Example: scan with SIEM export (premium)
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: lockfile
-    siem-format: cef
-    license-key: ${{ secrets.NPM_SCAN_LICENSE_KEY }}
-```
-
-### CI/CD pipeline
-
-Integrate directly into your existing pipeline without the composite action:
-
-```bash
-# Scan lockfile, fail build on high severity
-npm-scan scan-lockfile --policy .npm-scan.yml || exit 1
-
-# Scan a specific package, fail on critical only
-npm-scan scan lodash --policy .npm-scan.yml || exit 1
-
-# Generate SBOM as a build artifact
-npm-scan scan express --sbom spdx > express-sbom.spdx.json
-
-# Generate HTML compliance report in CI
-npm-scan report --html > report.html
-
-# Upload report as an artifact
-# uses: actions/upload-artifact@v4
-#   with:
-#     name: npm-scan-report
-#     path: report.html
-```
-
-### Pre-commit hook
-
-Block supply chain threats **before** they reach version control — no CI required.
-
-```bash
-# One-liner install (requires Node 18+, Git)
-npx husky@latest init && npm install && npx husky add .husky/pre-commit "npx lint-staged"
-```
-
-**What it does:** On every `git commit`, lint-staged detects staged changes to `package.json` or `package-lock.json` and runs `npm-scan scan-lockfile --fail-on high`. Commits are blocked if threats are found.
-
-```bash
-$ git commit -m "bump lodash"
-✔ Preparing lint-staged configuration...
-✔ Running tasks for staged package*.json files...
-✔ npm-scan scan-lockfile --fail-on high
-  🔴 ATK-003: Credential exfiltration (DNS lookup to credentialharvest.example.com)
-  🔴 ATK-007: Typosquat detected (lodash@7.7.7)
-  ⚠ Exiting with code 1 — threat(s) found
-
-npm scan • @lateos/npm-scan v0.11.6
-error: Command failed with exit code 1.
-```
-
-Add `--no-verify` to bypass for emergencies (`git commit -m "emergency fix" --no-verify`).
-
-### Docker
-
-See the [Docker quick-start section](#-run-lateosnpm-scan-anywhere-with-docker--zero-installation) above for pull commands, Compose pipeline, and multi-arch images.
-
 ---
 
 ## 🗺️ Roadmap & Enterprise Features
@@ -858,4 +738,4 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
 ```bash
 npx @lateos/npm-scan scan lodash
-```
+```

package/README.zh.md

@@ -9,8 +9,8 @@
 [![npm version](https://img.shields.io/npm/v/@lateos/npm-scan?style=flat-square)](https://www.npmjs.com/package/@lateos/npm-scan)
 [![License](https://img.shields.io/badge/license-Apache%202.0%20%2B%20Commons%20Clause-blue?style=flat-square)](LICENSING.md)
 [![Node](https://img.shields.io/badge/node-%3E%3D18-brightgreen?style=flat-square)](package.json)
-[![Tests](https://img.shields.io/badge/tests-459%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
-[![Coverage](https://img.shields.io/badge/coverage-85%25-yellowgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Tests](https://img.shields.io/badge/tests-696%20passing-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
+[![Coverage](https://img.shields.io/badge/coverage-90%25-brightgreen?style=flat-square)](https://github.com/lateos-ai/npm-scan)
 [![Docker](https://img.shields.io/badge/docker-lateos%2Fnpm--scan-2496ED?style=flat-square&logo=docker)](https://hub.docker.com/r/lateos/npm-scan)
 [![Sigstore](https://img.shields.io/static/v1?label=Sigstore&message=Provenance&color=green&style=flat-square&logo=sigstore)](https://github.com/lateos-ai/npm-scan/actions/workflows/publish.yml)
 
@@ -485,102 +485,6 @@ npm-scan report --html > report.html
 
 ### Docker
 
-请参见上方的 [Docker 快速入门部分](#-在任何地方通过-docker-运行-lateosnpm-scan--零安装)，了解拉取命令、Compose 流水线和多架构镜像。
-
-在每个 PR 上扫描您项目的 `package-lock.json`——在它们进入生产环境之前检测域名抢注、混淆载荷、凭证窃取器和蠕虫传播：
-
-```yaml
-# .github/workflows/scan.yml
-name: npm-scan
-on:
-  pull_request:
-    paths:
-      - 'package-lock.json'
-      - '**/package.json'
-jobs:
-  scan:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
-      with:
-        node-version: 20
-    - name: Scan lockfile
-      uses: lateos/npm-scan@v1
-      with:
-        scan-type: lockfile
-        fail-on: high
-```
-
-#### Action 输入
-
-| 输入 | 默认值 | 描述 |
-|-------|---------|-------------|
-| `scan-type` | `lockfile` | `lockfile` 扫描 `package-lock.json` 或 `package` 扫描特定 npm 包 |
-| `package` | — | 包名（`scan-type=package` 时需要） |
-| `fail-on` | `high` | 在此严重性阈值处使工作流失败：`none`、`low`、`medium`、`high`、`critical` |
-| `policy-file` | — | YAML/JSON 策略文件路径，用于白名单、严重性覆盖和抑制 |
-| `license-key` | — | 用于 SIEM 导出和 PDF 报告的高级版许可证密钥 |
-| `siem-format` | — | SIEM 输出：`cef`、`ecs`、`sentinel`、`qradar`（高级版） |
-| `sbom-format` | — | SBOM 输出：`json`、`xml`、`spdx` |
-
-#### Action 输出
-
-| 输出 | 描述 |
-|--------|-------------|
-| `findings-count` | 检测到的发现项数量 |
-| `scan-id` | 扫描 ID，用于后续报告引用 |
-
-#### 示例：使用策略 + SBOM 扫描特定包
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: package
-    package: lodash
-    policy-file: .npm-scan.yml
-    sbom-format: spdx
-    fail-on: critical
-```
-
-#### 示例：使用 SIEM 导出扫描（高级版）
-
-```yaml
-- uses: lateos/npm-scan@v1
-  with:
-    scan-type: lockfile
-    siem-format: cef
-    license-key: ${{ secrets.NPM_SCAN_LICENSE_KEY }}
-```
-
-### CI/CD 流水线
-
-直接集成到您现有的流水线中，无需复合操作：
-
-```bash
-# 扫描锁定文件，在高严重性时使构建失败
-npm-scan scan-lockfile --policy .npm-scan.yml || exit 1
-
-# 扫描特定包，仅在严重时失败
-npm-scan scan lodash --policy .npm-scan.yml || exit 1
-
-# 生成 SBOM 作为构建产物
-npm-scan scan express --sbom spdx > express-sbom.spdx.json
-
-# 在 CI 中生成 HTML 合规报告
-npm-scan report --html > report.html
-
-# 上传报告作为产物
-# uses: actions/upload-artifact@v4
-#   with:
-#     name: npm-scan-report
-#     path: report.html
-```
-
-### Docker
-
-请参见上方的 [Docker 快速入门部分](#-在任何地方通过-docker-运行-lateosnpm-scan--零安装)，了解拉取命令、Compose 流水线和多架构镜像。
-
 ---
 
 ## 🗺️ 路线图与企业功能
@@ -706,4 +610,5 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
 ```bash
 npx @lateos/npm-scan scan lodash
+```
 ```