Getting started
You need the Veln CLI on a developer machine, an org license from the cloud console, and a project with real lockfiles (for example the npm, pnpm, yarn, or Python lockfiles your stack already uses).
1. Install the CLI
After you create an organization in the Veln Console, the console shows the copy-paste install command for your OS (macOS, Linux, and Windows are supported). Once installed, confirm the install with veln version.
Every Veln release is signed both with an embedded Ed25519 sidecar (the agent verifies this on every startup — a tampered binary refuses to run) and with cosign keyless OIDC signatures attached to the GitHub Release. The install command shown in the console is the authoritative path; cosign verification instructions for high-assurance pre-install checks will ship alongside the public release notes.
2. Activate
Create an org in the console (or accept an invite), then run veln activate. The CLI opens your browser to approve this machine and stores a device access token locally — no tokens to copy or paste into environment variables. Re-running veln activate later refreshes the token.
3. Run verify
From a project root, run veln verify -dir . (or your chosen directory). Read the result in the terminal — that is the primary enforcement surface. Use -json when you need machine-readable output for scripts, or -markdown for a PR-comment-ready report.
On a legacy project with many existing warnings, run veln verify -generate-allowlist once to baseline every current finding into your config in a single shot. Future runs then surface only new signals.
4. Recommended: enable the wrapper (developer machines)
Run veln wrapper on once. This is the canonical primary defense on developer machines: it installs PATH shims for every gate-routable binary (npm, npx, yarn, pnpm, bun, pip, pip3, uv, pipx, go, bundle, cargo, dotnet, mvn, gradle). After that, your existing commands transparently route through the Gate and an OS-level sandbox (Landlock on Linux, sandbox-exec on macOS, Job Object + restricted token on Windows) that contains anything that slips past it. See Sandbox & wrappers.
One-off variant without enabling the wrapper globally: veln npm install <pkg> (or veln pip install <pkg>, veln yarn add <pkg>, etc.) wraps a single invocation through the Gate and the sandbox without touching PATH.
5. Optional: gate (shared / server environments)
For a shared build host or team proxy where you want transparent enforcement without changing the build script, configure and run the Gate as a long-running proxy on that licensed machine. Installs call plain npm install; the Gate enforces silently. On developer machines, the wrapper above is the better fit.
Alternatively, veln onboarding walks you through every step above in one interactive flow.
6. Explore the rest
The rest of the command surface — package (single-package lookup), explain (why is this in my lockfile?), diff (what changed between two snapshots?), fix (suggest safer versions), license (SPDX policy enforcement) — is documented on the Agent & CLI page. Most accept -json and -markdown.