Update documentation for vuln scanning to match behaviour

content/_index.md

@@ -35,7 +35,7 @@ git pkgs why rails      # why was this added?
 git pkgs diff                 # HEAD vs working tree
 git pkgs diff --from=HEAD~10  # what changed recently?
 git pkgs diff main..feature   # compare branches
-git pkgs vulns          # scan for known CVEs
+git pkgs vulns scan     # scan for known CVEs
 git pkgs vulns blame    # who introduced each vulnerability
 git pkgs outdated       # find packages with newer versions
 git pkgs update         # update all dependencies
@@ -51,7 +51,7 @@ The database lives in `.git/pkgs.sqlite3` and stays current through git hooks. C
 Static scanners tell you what's vulnerable. git-pkgs tells you who introduced it, when, and how long it took to fix.
 
 ```bash
-git pkgs vulns                      # scan current dependencies
+git pkgs vulns scan                 # scan current dependencies
 git pkgs vulns blame                # who introduced each vulnerability
 git pkgs vulns praise --summary     # who fixes vulnerabilities fastest
 git pkgs vulns history lodash       # timeline for a specific package

content/docs/vulnerabilities.md

@@ -8,11 +8,11 @@ git-pkgs scans dependencies for known vulnerabilities using the [OSV](https://os
 ## Basic usage
 
 ```bash
-git pkgs vulns                  # scan at HEAD
-git pkgs vulns v1.0.0           # scan at a tag
-git pkgs vulns -s high          # only critical and high severity
-git pkgs vulns -e npm           # filter by ecosystem
-git pkgs vulns -f sarif         # output for GitHub code scanning
+git pkgs vulns scan             # scan at HEAD
+git pkgs vulns scan -c v1.0.0   # scan at a commit or tag
+git pkgs vulns scan -s high     # only critical and high severity
+git pkgs vulns scan -e npm      # filter by ecosystem
+git pkgs vulns scan -f sarif    # output for GitHub code scanning
 ```
 
 ## Blame