CLI
Safeguard articles tagged "CLI" — guides, analysis, and best practices for software supply chain and application security.
9 articles
How to Remediate Transitive Dependency Vulnerabilities
Fix vulnerabilities in the nested packages you never installed directly — trace the import chain, choose between upgrading the parent or overriding the child, and verify the fix without breaking builds.
How to Set Up a Vulnerability Policy Gate
Define a written, version-controlled policy for which vulnerabilities block a release, enforce it consistently across CLI and CI, and manage time-boxed exceptions without an allowlist that lives forever.
How to Scan for Secrets in a Git Repository
Find hardcoded API keys, tokens, and credentials in your working tree and full Git history, stop new leaks at commit time, and remediate a secret that has already been pushed.
How to Scan a Container Image for Vulnerabilities
Scan any Docker or OCI image for OS-package and application-layer vulnerabilities, understand the results, and gate risky images before they reach your registry — with copy-paste commands.
How to Generate an SBOM: A Step-by-Step Guide
Produce a spec-compliant CycloneDX or SPDX software bill of materials from any repository in minutes, validate it, and attach it to a release — with real commands you can run today.
Safeguard Local Runner: Agentic Security on Your Laptop
The Local Runner is a command-line agent that runs Safeguard workflows against your working tree. Think claude-code-for-security, but for supply chain.
Getting Started with Safeguard CLI: Your First Scan
Install the Safeguard CLI, authenticate, and run your first dependency and SBOM scan in under ten minutes. Covers config, output formats, and CI wiring.
Safeguard CLI v5: Faster, Smarter, More Extensible
Safeguard CLI v5 brings a rewritten scanning engine, plugin architecture, and native CI/CD integration. Here is what is new and how to upgrade.
Safeguard CLI: Supply Chain Security Without Leaving Your Terminal
The Safeguard CLI brings SBOM generation, vulnerability scanning, policy checks, and supply chain queries directly into your development workflow.