Available commands:

seal add package version - Adds to the local configuration file an instruction to seal all instances of the specified package version.

seal fix - Replaces in-place vulnerable packages with their sealed version according to the mode defined.

By default, the mode is local and it applies the fixes saved in the local configuration file. If mode is all, then it tries to seal every vulnerable package.

--upload-scan-results - Uploads the list of vulnerable packages detected to the Seal server. This is useful for package discovery in case you don't have a source control integration, so Seal cannot scan your code for dependencies. This flag allows Seal to use the CI pipeline integration to detect your vulnerable packages.

seal help - Prints the usage instructions.

seal scan - Scans the project open-source dependencies and prints the list of vulnerable packages and which packages have a sealed version available for download.

--csv string - Saves the output of the scan results to the specified file path.

--generate-local-config - Generates or updates the local configuration file with the recommended fixes, which can later be used by the seal fix command.

--generate-snyk-policy - Generates or updates the .snyk file, so the Snyk scanner is aware of the vulnerabilities fixed by Seal. Can only be used together with --generate-local-config.

--upload-scan-results - Uploads the list of vulnerable packages detected to the Seal server. This is useful for package discovery in case you don't have a source control integration, so Seal cannot scan your code for dependencies. This flag allows Seal to use the CI pipeline integration to detect your vulnerable packages.

seal version - Prints the CLI's version. The latest version is always available here.

Flags:

-h, --help - Prints the usage instructions for the given command.

-v, -vv, -vvv - Sets the logging verbosity level. Useful for debugging.