Install the Snyk CLI

The Snyk CLI can be installed across all major operating systems using several different methods, depending on your existing toolset:

Package managers: Use tools like npm, Homebrew, or Scoop for a quick installation.
Docker: Run Snyk in a container for a consistent scanning environment.
GitHub Actions and CI/CD: Use pre-built integrations to automate scanning within your deployment pipelines.
Direct binary download: Download a standalone executable for Windows, MacOS, or Linux.

After you install the CLI, authenticate your Snyk account to start scanning your Snyk Projects. For more information, visit Authenticate to use the CLI.

The Snyk CLI does not natively support Windows Subsystem for Linux (WSL). You can install and use the CLI in a WSL environment, but Snyk does not guarantee compatability. Consequently, Snyk integrations that rely on the CLI, such as IDE extensions and CI/CD plugins, do not natively support WSL.

Common installation steps

Regardless of your choice of tool, there are common steps to ensuring your installation of the Snyk CLI is a success:

Install the Snyk CLI using your preferred method.
Verify the installed Snyk CLI version using snyk --version.
Authenticate the Snyk CLI to your account.

To learn how to upgrade the Snyk CLI for your chosen tool, visit Upgrade the Snyk CLI.

To use CLI releases before version 1.1230.0 on an Apple M1 or M2 machine (darwin/arm64), visit Using CLI releases before version 1.1230.0 on an Apple M1 or M2 machine.

Installation methods

Package managers

Install with Homebrew (MacOS and Linux)

For Apple M1 or M2 (darwin/arm64), visit Using CLI releases before version 1.1230.0 on an Apple M1 or M2 machine.

Install and verify Homebrew using any method specified in their documentation. Visit Install Homebrew for more information.
Install Homebrew Tap for Snyk. The tap is updated daily with the latest Snyk CLI release.
```
brew tap snyk/tap
```
Install the Snyk CLI for Homebrew:
```
brew install snyk
```
Verify that the installation has succeeded:
```
brew list snyk
```
Authenticate. For more details, visit Authenticate locally.

Install with npm

Ensure you have permission to install global npm packages and network access to the npm registry to have a successful installation.

For Snyk CLI version 1.853.0 or later, install the latest version of npm on your machine using Node.js version 12 or later and npm version 7 or later.
Install the npm package:
```
npm install snyk -g
```
Authenticate. For more details, visit Authenticate locally.

Install with Yarn

Install with Yarn by running the command:
```
yarn global add snyk
```
Authenticate. For more details, visit Authenticate locally.

Install with Scoop (Windows)

Add the official Snyk bucket to your machine:

scoop bucket add snyk https://github.com/snyk/scoop-snyk

Install the Snyk CLI:
```
scoop install snyk
```
Verify that the installation has succeeded:
```
snyk --version
```
Authenticate. For more details, visit Authenticate locally.

Docker

Snyk offers multiple Docker images under snyk/snyk on Docker Hub. To learn more, visit snyk/snyk-images on GitHub.

Snyk provides a universal image and specialized images for specific package managers:

Universal: snyk/snyk
Language specific: snyk/snyk:node, snyk/snyk:maven, snyk/snyk:python, and so on.

Download the pre-packaged tools using the following command, specifying the universal or language specific image of your choosing:

Pull the Snyk universal image

docker pull snyk/snyk

Pull the Snyk language specific image

docker pull snyk/snyk:node

Authenticate the connection. For more details, visit Authentication in Docker.

GitHub actions and CI/CD

GitHub actions

In your Snyk account, navigate to Account Settings and copy your Auth token. Use a Service Account Token if you are an Enterprise plan user, to protect your pipeline from breaking if you as an individual leave the comapny.
Navigate to Settings > Secrets and variables > Actions, and create a New repository secret in the format:
1. Name: SNYK_TOKEN
2. Secret: Your Snyk Auth token or Service Account Token

In GitHub repository:

Create a folder named .github.
Within that folder, create another folder named workflows.
Create a file named snyk-scan.yml. The entire filepath should be .github/workflows/snyk.yml.

Add your YAML code to this file and commit it:

name: Snyk Security Scan
on: push
jobs:
  snyk:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      # Use the action matching your language (node, python, go, and so on)
      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/node@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          args: --severity-threshold=high

CI/CD

For detailed instructions on using the Snyk CLI with CI/CD integrations, visit Snyk CI/CDs.

Direct binary download

When using standalone executables, you must keep the Snyk CLI up to date manually.

Snyk provides standalone executables on the Snyk Content Delivery Network (CDN). For the latest download links, visit the latest release.json file.

For instructions on how to verify the shasum of downloaded binaries and their GPG signatures, visit Verifying CLI standalone binaries.

Install for MacOS and Linux

Use curl to download the binary, make it executable, and move it to your system path in one go.

For Intel/AMD (x86_64) use the following commands:

# Download
curl --compressed https://downloads.snyk.io/cli/latest/snyk-linux -o snyk

# Make the file executable
chmod +x ./snyk

# Move to a folder in your PATH
sudo mv ./snyk /usr/local/bin/

For Apple Silicon (M1/M2/M3) use the following commands:

# Download
curl --compressed https://downloads.snyk.io/cli/latest/snyk-macos-arm64 -o snyk

# Make the file executable
chmod +x ./snyk

# Move to a folder in your PATH
sudo mv ./snyk /usr/local/bin/

Install for Alpine

Use curl to download the binary, make it executable, and move it to your system path in one go.

For Intel/AMD (x86_64) use the following commands:

# Download

curl --compressed https://downloads.snyk.io/cli/stable/snyk-alpine -o snyk

# Make the file executable

chmod +x ./snyk

# Move to a folder in your PATH. May require sudo.

mv ./snyk /usr/local/bin/

For ARM64 use the following commands:

# Download

curl --compressed https://downloads.snyk.io/cli/stable/snyk-alpine-arm64 -o snyk

# Make the file executable

chmod +x ./snyk

# Move to a folder in your PATH. May require sudo.

mv ./snyk /usr/local/bin/

Install for Windows

For Windows, download the .exe and manually add its location to your system variables.

Download snyk-win.exe
Rename the file from snyk-win.exe to just snyk.exe.
Move it to a permanent folder (for example, C:\tools\snyk\).
Add to PATH:
1. Search for Environment Variables in your Start Menu.
2. Under System Variables, find Path and click Edit.
3. Add the path to the folder where you saved the .exe (e.g., C:\tools\snyk\).

PreviousGetting started with the Snyk CLI NextVerifying CLI standalone binaries

Last updated 6 days ago

Was this helpful?

hashtagCommon installation steps

hashtagInstallation methods

hashtagPackage managers

hashtagDocker

hashtagGitHub actions and CI/CD

hashtagDirect binary download

Common installation steps

Installation methods

Package managers

Docker

GitHub actions and CI/CD

Direct binary download