The script should be used by people interested in contributing to the cvechecker' success.
~$ cverules -r > output.txt
The generated output.txt file can then be submitted to the cvechecker project, allowing it to improve the versions.dat.
First of all, if a package is already matched by existing rules, the rest of the package' content isn't scanned anymore. This is because the tool wants to identify software and versions - once one has been detected, further detection is less useful and very resource consuming.
Second, if a package isn't detected properly, the script will see if the version based on the distributions' package version can be found. If it can't, then it cannot identify the version properly and ignores the package.
Third, if the script does find a match for the version, it tries out a few regular expressions (which have a high probability rate to match the version) but has no intelligence to optimize the expressions. If the tried expressions fail, the script will ignore the package.