
Scanning

The CLI enables you to easily detect vulnerable open-source dependencies and see which of them have a vulnerability-free sealed version.

Using the CLI is very simple:

  1. Go to the root directory of the project and install its dependencies (e.g., npm install).

  2. Run seal scan. To save the output as a CSV, use seal scan --csv output.txt. The dependencies will be checked against several vulnerability databases (such as OSV).

  3. The results will be presented as a table of packages and vulnerabilities. The CAN SEAL and SEALED VERSION columns show whether the particular vulnerable package has a patched version that is available on Seal's artifact server. For example:

| LIBRARY | VERSION | ECOSYSTEM | VULNERABILITIES | CAN SEAL | SEALED VERSION |
|---|---|---|---|---|---|
| d3-color | 2.0.0 | Node | GHSA-36jr-mh4h-2g58 (5.3) | V | 2.0.0-sp1 |
| semver | 7.0.0 | Node | CVE-2022-25883 (7.5) | V | 7.0.0-sp1 |
| set-value | 3.0.3 | Node | CVE-2021-23440 (7.3) | X | |
| passport-saml | 1.5.0 | Node | CVE-2022-39299 (8.1) CVE-2021-39171 (5.3) | V | 1.5.0-sp1 |
| axios | 0.21.4 | Node | CVE-2023-45857 (7.1) | V | 0.21.4-sp1 |
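One way to act on these results in a pipeline, as an added example that is not part of Seal's documentation or tooling: it splits high-scoring findings into those with a sealed version and those that need another remediation. The CSV header names, the 7.0 threshold and the function names are assumptions; check the header of your own seal scan --csv output before relying on them.

```python
import csv
import io
import re

# Constructed sample: the rows of the table above written as CSV. Header names
# mirror the table columns; the real `seal scan --csv` layout is an assumption.
SAMPLE_CSV = """LIBRARY,VERSION,ECOSYSTEM,VULNERABILITIES,CAN SEAL,SEALED VERSION
d3-color,2.0.0,Node,GHSA-36jr-mh4h-2g58 (5.3),V,2.0.0-sp1
semver,7.0.0,Node,CVE-2022-25883 (7.5),V,7.0.0-sp1
set-value,3.0.3,Node,CVE-2021-23440 (7.3),X,
passport-saml,1.5.0,Node,CVE-2022-39299 (8.1) CVE-2021-39171 (5.3),V,1.5.0-sp1
axios,0.21.4,Node,CVE-2023-45857 (7.1),V,0.21.4-sp1
"""

# A cell may list several advisories, each as "<id> (<score>)".
ADVISORY = re.compile(r"\b((?:CVE|GHSA)-[\w-]+)\s*\((\d+(?:\.\d+)?)\)")

def parse_scan(text):
    """Return one dict per vulnerable package, with its advisories split out."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        advisories = [(i, float(s)) for i, s in ADVISORY.findall(row["VULNERABILITIES"])]
        if not advisories:  # fail closed rather than silently drop a package
            raise ValueError(f"unparsed VULNERABILITIES cell for {row['LIBRARY']}")
        sealed = (row["SEALED VERSION"] or "").strip()
        findings.append({
            "library": row["LIBRARY"],
            "version": row["VERSION"],
            "advisories": advisories,
            "max_score": max(score for _, score in advisories),
            "sealed_version": sealed if row["CAN SEAL"].strip() == "V" and sealed else None,
        })
    return findings

def triage(findings, threshold=7.0):
    """Split findings scoring >= threshold into (sealable, unsealable), worst first."""
    hot = sorted((f for f in findings if f["max_score"] >= threshold),
                 key=lambda f: -f["max_score"])
    sealable = [f for f in hot if f["sealed_version"]]
    unsealable = [f for f in hot if not f["sealed_version"]]
    return sealable, unsealable

if __name__ == "__main__":
    sealable, unsealable = triage(parse_scan(SAMPLE_CSV))
    for f in sealable:
        print(f"seal  {f['library']} {f['version']} -> {f['sealed_version']}")
    for f in unsealable:
        print(f"BLOCK {f['library']} {f['version']} (no sealed version)")
    raise SystemExit(1 if unsealable else 0)  # non-zero fails the CI job
```

On the sample rows, set-value is the only high-scoring package without a sealed version, so the script exits non-zero and the job would need a different fix for it.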


Last updated 5 months ago