# Sealing Application Dependencies ## Code examples Here are some simple usage examples of using the Seal CLI to fix application dependencies in the context of various package managers. Please note that the CLI **replaces** the vulnerable packages with their sealed versions. So the process is always: 1. Download the packages normally 2. Run the CLI 3. For relevant ecosystems - build the project ### npm project ```bash # Initialize an npm project npm init -y # Install example dependency npm install ejs@2.7.4 # Scan the manifest file for vulnerable packages and create a local configuration # file telling the CLI to fix the example dependency seal scan --generate-local-config # Note that a .seal-actions.yml file was created # Fix the example dependencies by replacing them with their sealed versions seal fix ``` ### pip project ```bash # Create and activate Python virtual environment python3 -m venv .venv source .venv/bin/activate # Install example dependency pip install pyjwt==1.7.1 # Create the manifest file pip freeze > requirements.txt # Scan the manifest file for vulnerable packages and create a local configuration # file telling the CLI to fix the example dependency seal scan --generate-local-config # Note that a .seal-actions.yml file was created # Fix the example dependencies by replacing them with their sealed versions seal fix ``` ### Maven project ```bash # Create a new project using a Maven template mvn archetype:generate -DgroupId=com.example.app -DartifactId=example-app -DarchetypeArtifactId=maven-archetype-quickstart -DinteractiveMode=false cd example-app # Add example dependency sed -i '' -r "s//\n \n com.fasterxml.jackson.core<\/groupId>\n jackson-databind<\/artifactId>\n 2.10.5.1<\/version>\n <\/dependency>/" pom.xml # Resolve the project's dependencies mvn dependency:resolve # Scan the manifest file for vulnerable packages and create a local configuration # file telling the CLI to fix the example dependency seal scan --generate-local-config # Note that a .seal-actions.yml file was created # Fix the example dependencies by replacing them with their sealed versions seal fix # Build your project using the sealed versions mvn install ``` ### Gradle project ```bash mkdir example-app && cd example-app # Create Gradle project gradle init --type java-application --dsl groovy --package com.example.app --project-name example-app --test-framework junit --java-version 21 --no-split-project --no-incubating # Add example dependency echo ' dependencies { implementation "commons-io:commons-io:2.2" } ' >> app/build.gradle # Resolve the dependencies (newer Gradle versions support --dry-run) ./gradlew build # Scan the manifest file for vulnerable packages and create a local configuration # file telling the CLI to fix the example dependency seal scan --generate-local-config # Note that a .seal-actions.yml file was created # Fix the example dependencies by replacing them with their sealed versions seal fix # Build your project using the sealed versions ./gradlew build ``` ### Composer project ```bash # Initialize a Composer project composer init --name test/project --type=project -n # Install example dependency composer require phpseclib/phpseclib=3.0.23 # Scan the manifest file for vulnerable packages and create a local configuration # file telling the CLI to fix the example dependency seal scan --generate-local-config # Note that a .seal-actions.yml file was created # Fix the example dependencies by replacing them with their sealed versions seal fix ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sealsecurity.io/fundamentals/cli/usage-examples/sealing-application-dependencies.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.