The CLI enables you to to easily detect vulnerable open-source dependencies and see for which ones a vulnerability-free sealed version exists.

Using the CLI is very simple:

  1. Go to the root directory of the project and install its dependencies (e.g npm install).

  2. Run seal scan. To save the output as a CSV use seal scan --csv output.txt. The dependencies will be checked against several vulnerability databases (such as OSV).

  3. The results will be presented as a table of packages and vulnerabilities. The CAN SEAL and SEALED VERSION columns show whether the particular vulnerable package has a patched version that is available on Seal's artifact server. For example:

Last updated