User Guide
  • Fundamentals
    • Quick Start Guide
      • Signing Up
      • Package Discovery
        • Connecting to GitHub
        • Connecting to GitLab
        • Connecting to Azure DevOps
        • Connecting to the CI Pipeline
        • Connecting to the Artifact Server
      • Package Sealing
        • Integrating the CLI in the CI
        • Editing Dependencies
    • Deployments
      • Choosing Your Deployment
      • Automatic Remediation
      • Remote Configuration
      • Local Configuration
      • Artifact Server
    • CLI
      • Download and Installation
      • Scanning
      • Fixing All Dependencies
      • Fixing Specific Dependencies
      • Fixing OS Vulnerabilities
      • Integrating with the CI
      • Uploading Scan Results
      • Commands
      • SCA Integrations
      • JFrog Integration
      • Usage Examples
        • Sealing Application Dependencies
        • Sealing Linux Environments
    • Artifact Server
      • Generating a Token
      • Artifact Server Ordering
      • Configuring the Package Manager
        • Configuring apk
        • Configuring Composer
        • Configuring Go
        • Configuring Gradle
        • Configuring Maven
        • Configuring npm
        • Configuring pip
        • Configuring Poetry
        • Configuring yarn
        • Configuring yum
      • Clearing the Cache
      • Editing Your Dependencies
    • Web Interface
      • Rules Screen
  • APIs
    • List Vulnerable Packages
  • FAQ
  • Vulnerability Disclosure
Powered by GitBook
On this page
  1. Fundamentals
  2. CLI

Uploading Scan Results

PreviousIntegrating with the CINextCommands

Last updated 6 months ago

The best way to let the Seal platform track your vulnerabilities is by with the Seal app. However, this isn't always possible.

An alternative way of letting Seal track your vulnerabilities is by using the Seal CLI run as part of your CI pipeline, and having it report home to the Seal server the vulnerable packages you're using. This is slightly less reliable than a direct source control integration, but can still provide an accurate picture of the vulnerabilities in your project.

If you're only using the CLI for scanning then just append the --upload-scan-results flag to the seal scan command.

If you're using the CLI to fix the vulnerabilities, either through , the or the deployments, then just append the --upload-scan-results flag to the seal fix command.

integrating your source control
Automatic Remediation
Remote Configuration
Local Configuration