Merge branch 'dev'

Author: ehsandeep

README.md

@@ -71,7 +71,8 @@ vulnx analyze --fields affected_products.vendor
 | `filters` | List all available search fields and filters | `vulnx filters` |
 | `analyze` | Aggregate data by fields | `vulnx analyze -f severity` |
 | `auth` | Configure API access | `vulnx auth` |
-| `version` | Show version info | `vulnx version` |
+| `version` | Show version info and check for updates | `vulnx version` |
+| `update` | Update vulnx to latest version | `vulnx update` |
 | `healthcheck` | Test connectivity | `vulnx healthcheck` |
 
 ## Essential Options
@@ -181,14 +182,14 @@ vulnx search --detailed "log4j"          # Detailed analysis of specific vuln
 | `--tags` | | Filter by tags | `--tags rce,injection` |
 | `--cvss-score` | | Filter by CVSS score | `--cvss-score ">8.0"` |
 | `--epss-score` | | Filter by EPSS score | `--epss-score ">0.8"` |
-| `--vuln-age` | | Filter by age | `--vuln-age "<30"` |
+| `--vuln-age` | `-a` | Filter by age | `--vuln-age "<30"` |
 | `--vuln-type` | | Filter by vulnerability type | `--vuln-type sql_injection` |
-| `--kev-only` | | KEV vulnerabilities only | `--kev-only` |
+| `--kev` | | KEV vulnerabilities only | `--kev` |
 | `--template` | `-t` | Has Nuclei templates | `--template` |
 | `--poc` | | Has proof of concept | `--poc` |
 | `--hackerone` | | HackerOne reported | `--hackerone` |
 | `--remote-exploit` | | Remotely exploitable | `--remote-exploit` |
-| `--vstatus` | | Filter by vuln status | `--vstatus confirmed` |
+| `--vuln-status` | | Filter by vuln status | `--vuln-status confirmed` |
 
 
 ### Search Control Flags
@@ -220,13 +221,13 @@ vulnx search --severity critical,high   # Filter by severity
 vulnx search "NOT severity:low"         # Exclude severities using query syntax
 vulnx search --cvss-score ">8.0"        # Filter by CVSS score
 vulnx search --epss-score ">0.8"        # Filter by EPSS score
-vulnx search --vstatus confirmed         # Filter by status
+vulnx search --vuln-status confirmed     # Filter by status
 vulnx search --vuln-age "<30"           # Recent vulnerabilities
 ```
 
 **Exploit characteristics:**
 ```bash
-vulnx search --kev-only                 # KEV vulnerabilities only
+vulnx search --kev                      # KEV vulnerabilities only
 vulnx search --template                 # Has Nuclei templates
 vulnx search --poc                      # Has proof of concept
 vulnx search --hackerone                # HackerOne reported
@@ -361,11 +362,20 @@ export PDCP_API_KEY="your-key-here"     # Environment variable
 - **Non-interactive**: `vulnx auth --api-key KEY` - Perfect for automation/CI/CD
 - **Test only**: `vulnx auth --test` - Validate current configuration
 
+**Version management:**
+```bash
+vulnx version                            # Show version and check for updates
+vulnx version --disable-update-check     # Show version without update check
+vulnx update                             # Update to latest version
+vulnx --update                           # Alternative update command
+```
+
 **Global options:**
 ```bash
 vulnx --json search "apache"              # JSON output
 vulnx --silent search "apache"            # No banner
 vulnx --timeout 60s search "apache"       # Custom timeout
+vulnx --disable-update-check search "apache"  # Disable automatic update checks
 ```
 
 ## Troubleshooting
@@ -428,7 +438,8 @@ vulnx search --help                    # Search command help
 vulnx id --help                        # ID command help
 vulnx filters --help                   # Filters command help
 vulnx analyze --help                   # Analyze command help
-vulnx version --disable-update-check   # Version info
+vulnx version                          # Version info with update check
+vulnx version --disable-update-check   # Version info without update check
 ```
 
 **Data exploration (subject to rate limits without API key):**
@@ -444,6 +455,7 @@ vulnx analyze help                     # Available analyze fields
 
 - **Start immediately**: vulnx works without an API key - just run `vulnx search apache`
 - **Avoid rate limits**: Configure API key with `vulnx auth` for heavy usage
+- **Stay updated**: vulnx automatically checks for updates; use `--disable-update-check` to disable
 - Use `vulnx filters` to discover all available search fields and their syntax
 - Start with broad searches, then narrow down with filters
 - Use `--json` for scripting and automation

cmd/vulnx/clis/analyzehelp.go

@@ -2,7 +2,6 @@ package clis
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/projectdiscovery/gologger"
@@ -24,34 +23,7 @@ var (
 				}
 			}
 
-			overview := `ANALYZE COMMAND — OVERVIEW
-
-The analyze command provides a convenient shorthand for performing
-"GROUP BY"-style aggregations over the ProjectDiscovery Vulnerability Database.
-It leverages the Search API's term-facet capability internally, automatically
-setting 'fields' to 'doc_id' and 'limit' to 1.
-
-It supports:
-  • --fields / -f   Comma-separated list of facet fields (required)
-  • --facet-size    Default bucket size (overridden per-field via field=size)
-  • --query  / -q   Optional Lucene-style search filter before aggregation
-
-Example invocations:
-  # Analyze by severity (top 5 buckets)
-  vulnx analyze -f severity=5
-
-  # Analyze by vendor and product for templates with planned / covered coverage
-  vulnx analyze -f affected_products.vendor,affected_products.product \
-                -q 'template_coverage:planned || template_coverage:covered'
-`
-
-			// Print overview
-			fmt.Println(overview)
-			fmt.Println(strings.Repeat("-", 120))
-
 			// Print command usage & flags (default Cobra output) before examples
-			fmt.Println("COMMAND USAGE & FLAGS")
-			fmt.Println(strings.Repeat("-", 120))
 			fmt.Println(cmd.UsageString())
 
 			// Fetch filters via handler

cmd/vulnx/clis/common.go

@@ -61,6 +61,9 @@ var (
 	// Add global no-color flag
 	noColor bool
 
+	// Global disable update check flag
+	globalDisableUpdateCheck bool
+
 	// Track if the banner has already been shown for this invocation
 	bannerShown bool
 
@@ -183,6 +186,9 @@ func init() {
 	// Add persistent no-color flag
 	rootCmd.PersistentFlags().BoolVar(&noColor, "no-color", false, "disable colored output")
 
+	// Add persistent disable update check flag
+	rootCmd.PersistentFlags().BoolVar(&globalDisableUpdateCheck, "disable-update-check", false, "disable automatic vulnx update check")
+
 	// Update flag
 	rootCmd.Flags().Bool("update", false, "update vulnx to latest version")
 
@@ -1007,7 +1013,7 @@ func renderQuickStartCommands() {
 
 // showVersionInfo displays version information like other ProjectDiscovery tools
 func showVersionInfo() {
-	if versionShown || silent {
+	if versionShown || silent || globalDisableUpdateCheck {
 		return
 	}
 	versionShown = true
@@ -1018,21 +1024,16 @@ func showVersionInfo() {
 	// Check for updates using PDTM API
 	latestVersion, err := updateutils.GetToolVersionCallback("vulnx", currentVersion)()
 	if err != nil {
-		// If version check fails, still show current version
-		gologger.Info().Msgf("Current vulnx version %s", currentVersion)
+		// If version check fails, show error only in verbose/debug mode
 		if verbose || debug {
-			gologger.Warning().Msgf("Version check failed: %v", err)
+			gologger.Error().Msgf("vulnx version check failed: %v", err.Error())
 		}
 		return
 	}
 
-	// Format version status
-	status := updateutils.GetVersionDescription(currentVersion, latestVersion)
-	if status == "" || strings.Contains(status, "latest") {
-		status = "latest"
-	}
-
-	gologger.Info().Msgf("Current vulnx version %s (%s)", currentVersion, status)
+	// Format version status exactly like cvemap
+	description := updateutils.GetVersionDescription(currentVersion, latestVersion)
+	gologger.Info().Msgf("Current vulnx version %s %s", currentVersion, description)
 }
 
 // GetUpdateCallback returns a callback function that updates vulnx

cmd/vulnx/clis/completion.go

@@ -127,7 +127,7 @@ _vulnx_completion() {
     prev="${COMP_WORDS[COMP_CWORD-1]}"
 
     # Available commands
-    commands="analyze auth completion healthcheck id mcp search version help"
+    commands="analyze auth completion filters healthcheck id mcp search update version help"
 
     # Available shells for completion command
     shells="bash zsh fish powershell"
@@ -149,7 +149,7 @@ _vulnx_completion() {
             return 0
             ;;
         search)
-            COMPREPLY=( $(compgen -W "--limit -n --offset --sort-asc --sort-desc --fields --term-facets --range-facets --highlight --facet-size --product -p --vendor --exclude-product --exclude-vendor --severity -s --exclude-severity --cpe -c --assignee -a --vstatus --vuln-age --product-file --vendor-file --exclude-product-file --exclude-vendor-file --severity-file --exclude-severity-file --assignee-file --kev-only --template -t --poc --hackerone --remote-exploit ${global_flags}" -- ${cur}) )
+            COMPREPLY=( $(compgen -W "--limit -n --offset --sort-asc --sort-desc --fields --term-facets --range-facets --highlight --facet-size --detailed --product -p --vendor --severity -s --vuln-status --vuln-age -a --kev --template -t --poc --hackerone --remote-exploit --cvss-score --epss-score --tags --vuln-type ${global_flags}" -- ${cur}) )
             return 0
             ;;
         id)
@@ -168,6 +168,14 @@ _vulnx_completion() {
             COMPREPLY=( $(compgen -W "--mode --port ${global_flags}" -- ${cur}) )
             return 0
             ;;
+        update)
+            COMPREPLY=( $(compgen -W "--disable-update-check ${global_flags}" -- ${cur}) )
+            return 0
+            ;;
+        filters)
+            COMPREPLY=( $(compgen -W "${global_flags}" -- ${cur}) )
+            return 0
+            ;;
         version)
             COMPREPLY=( $(compgen -W "--disable-update-check ${global_flags}" -- ${cur}) )
             return 0

cmd/vulnx/clis/search.go

@@ -633,12 +633,12 @@ func init() { // Register flags and add command to rootCmd
 	// NOTE: Assignee filter commented out as search queries don't return results even though field exists in API
 	// searchCmd.Flags().StringSliceVarP(&filterAssignee, "assignee", "a", nil, "Filter by assignee (comma-separated)")
 
-	searchCmd.Flags().StringVar(&filterVulnStatus, "vstatus", "", "filter by vulnerability status (new, confirmed, unconfirmed, modified, rejected, unknown)")
-	searchCmd.Flags().StringVar(&filterVulnAge, "vuln-age", "", "filter by vulnerability age (supports <, >, exact: e.g., '5', '<10', '>30')")
+	searchCmd.Flags().StringVar(&filterVulnStatus, "vuln-status", "", "filter by vulnerability status (new, confirmed, unconfirmed, modified, rejected, unknown)")
+	searchCmd.Flags().StringVarP(&filterVulnAge, "vuln-age", "a", "", "filter by vulnerability age (supports <, >, exact: e.g., '5', '<10', '>30')")
 
 	// Boolean filters with default to true when flag is present without value
-	searchCmd.Flags().StringVar(&filterKevOnly, "kev-only", "", "filter kev (known exploited vulnerabilities) only (true/false)")
-	searchCmd.Flags().Lookup("kev-only").NoOptDefVal = "true"
+	searchCmd.Flags().StringVar(&filterKevOnly, "kev", "", "filter kev (known exploited vulnerabilities) only (true/false)")
+	searchCmd.Flags().Lookup("kev").NoOptDefVal = "true"
 
 	searchCmd.Flags().StringVarP(&filterTemplate, "template", "t", "", "filter cves with nuclei templates (true/false)")
 	searchCmd.Flags().Lookup("template").NoOptDefVal = "true"

cmd/vulnx/clis/searchhelp.go

@@ -2,7 +2,6 @@ package clis
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/projectdiscovery/gologger"
@@ -23,38 +22,7 @@ var (
 					gologger.Fatal().Msgf("Failed to initialize cvemap client: %s", err)
 				}
 			}
-			// 1. Print high-level overview of the search feature
-			overview := `SEARCH COMMAND — OVERVIEW
-
-The search command provides powerful full-text and faceted search across the entire
-ProjectDiscovery Vulnerability Database. It supports:
-  • Lucene-style query syntax (e.g. cvss_score:>7 severity:critical)
-  • Sorting (ascending / descending) on any sortable field
-  • Pagination via limit / offset
-  • Field selection to minimise payload size
-  • Term facets for categorical aggregations (e.g. tags, severity)
-
-Example invocations:
-  # Top 20 remote, exploitable KEV vulns published in 2024
-  vulnx search --limit 20 "is_remote:true && is_kev:true && cve_created_at:>2024"
-
-  # Facet by severity and tag
-  vulnx search --term-facets severity=5,tags=10 is_template:true
-
-  # Sort by CVSS score with filtering
-  vulnx search --sort-desc cvss_score "apache && is_remote:true"
-
-Below is a list of all fields that can be used in search queries. Fields marked
-as "Facet" support term/range faceting. Fields marked "Sortable" can be used
-with --sort-asc/--sort-desc.`
-
-			// Print overview
-			fmt.Println(overview)
-			fmt.Println(strings.Repeat("-", 120))
-
 			// Print command usage & flags (default Cobra output) before field table
-			fmt.Println("COMMAND USAGE & FLAGS")
-			fmt.Println(strings.Repeat("-", 120))
 			fmt.Println(cmd.UsageString())
 
 			// 2. Fetch filters via handler

cmd/vulnx/clis/version.go

@@ -19,8 +19,6 @@ var (
 
 This command displays the current version of vulnx and checks if a newer version
 is available. Update checking can be disabled with the --disable-update-check flag.
-
-Note: Currently uses 'cvemap' for version checking until server-side support is added.
 `,
 		Example: `
 # Show version and check for updates
@@ -43,31 +41,34 @@ vulnx version --disable-update-check
 )
 
 func showVersion() {
-	gologger.Info().Msgf("vulnx version %s", Version)
+	gologger.Info().Msgf("Current vulnx version %s", Version)
 
 	if disableUpdateCheck {
 		return
 	}
 
-	// Use vulnx for version checks - pdtm now supports vulnx directly
+	// Check for latest version using PDTM API
 	latestVersion, err := updateutils.GetToolVersionCallback("vulnx", Version)()
 	if err != nil {
 		if verbose || debug {
-			gologger.Warning().Msgf("Version check failed: %v", err)
+			gologger.Error().Msgf("vulnx version check failed: %v", err.Error())
 		}
 		return
 	}
 
+	// Show version comparison in the same format as cvemap
 	description := updateutils.GetVersionDescription(Version, latestVersion)
 	if description != "" {
-		gologger.Info().Msgf("Update status: %s", description)
+		gologger.Info().Msgf("Current vulnx version %s %s", Version, description)
 
 		// If there's a newer version available, provide helpful information
 		if latestVersion != Version {
 			gologger.Info().Msg("To update vulnx, use:")
 			gologger.Info().Msg("vulnx --update  or  vulnx update")
 			gologger.Info().Msg("Or install via pdtm: pdtm -u vulnx")
 		}
+	} else {
+		gologger.Info().Msgf("Current vulnx version %s (latest)", Version)
 	}
 }
 

pkg/runner/banner.go

@@ -23,6 +23,11 @@ const Version = `v0.0.7`
 func showBanner() {
 	gologger.Print().Msgf("%s\n", banner)
 	gologger.Print().Msgf("\t\tprojectdiscovery.io\n\n")
+
+	// Show deprecation warning
+	gologger.Info().Msgf("⚠️ Important: cvemap uses an older API version that will be discontinued on August 1, 2025.")
+	gologger.Info().Msgf("Please migrate to 'vulnx' for continued access to vulnerability data.")
+	gologger.Info().Msgf("Install: go install github.com/projectdiscovery/cvemap/cmd/vulnx@latest\n")
 }
 
 // GetUpdateCallback returns a callback function that updates proxify

pkg/runner/runner.go

@@ -158,6 +158,9 @@ func ParseOptions() *Options {
 		options.Debug = env.GetEnvOrDefault("DEBUG", false)
 	}
 	if options.Version {
+		gologger.Info().Msgf("⚠️  Important: cvemap uses an older API version that will be discontinued on August 1, 2025.")
+		gologger.Info().Msgf("Please migrate to 'vulnx' for continued access to vulnerability data.")
+		gologger.Info().Msgf("Install: go install github.com/projectdiscovery/cvemap/cmd/vulnx@latest")
 		gologger.Info().Msgf("Current Version: %s\n", Version)
 		os.Exit(0)
 	}