Integrating the CLI in the CI

The Seal CLI was designed to be easily integrated as part of an organization's CI pipeline.

The Seal CLI will replace vulnerable packages according to the way it's configured. This includes a possibility for complete automation, whereby any vulnerable package is automatically replaced with its sealed version, as well as other configurations that can give developers and security teams varying degrees of control over the process.

By using the CLI Seal can provide you with the clearest picture of what vulnerable package you're using where, as well as track the deployment of sealed packages throughout the organization. Moreover, using the CLI bypasses a lot of quirky behaviors of individual package managers, thereby simplifying the sealing process even for manual users.

There are two main setups that are presently supported:

  1. GitHub actions - For instructions about how to use Seal's GitHub action see here.

  2. Other CI platforms - For instructions about how to integrate Seal's CLI into other CI platforms see here.

To quickly run an example on your machine without configuring your CI see the usage examples.

Last updated