Available commands:

seal add package version - Adds to the local configuration file an instruction to seal all instances of the specified package version.

seal fix - Replaces in-place vulnerable packages with their sealed version according to the mode defined.

By default, the mode is local and it applies the fixes saved in the local configuration file. If mode is all, then it tries to seal every vulnerable package.

seal help - Prints the usage instructions.

seal scan - Scans the project open-source dependencies and prints the list of vulnerable packages and which packages have a sealed version available for download.

--csv string - Saves the output of the scan results to the specified file path.

--generate-local-config - Generates or updates the local configuration file with the recommended fixes, which can later be used by the seal fix command.

--generate-snyk-policy - Generates or updates the .snyk file, so the Snyk scanner is aware of the vulnerabilities fixed by Seal. Can only be used together with --generate-local-config.

seal version - Prints the CLI's version. The latest version is always available here.


-h, --help - Prints the usage instructions for the given command.

-v, -vv, -vvv - Sets the logging verbosity level. Useful for debugging.

Last updated