After we set up the package discovery, and we have some list of of vulnerable packages in the Protection page, we can proceed to setting up the package sealing.

The first time you click on the Seal button next to some vulnerable package you will encounter the following screen:

As you can see, the recommended setup is to integrate the Seal CLI as part of your CI pipeline. With this setup, our CLI will replace the vulnerable packages with sealed ones, in accordance with an instructions file committed to your source control.

However, if you prefer not to use our CLI as part of your CI, you may instead configure Seal as your artifact server, and then manually edit your dependencies.