Ctrlk
SupportSnyk LearnAPI referenceProduct updatesSign up for free
Edit

Install the Snyk CLI

The Snyk CLI can be installed across all major operating systems using several different methods, depending on your existing toolset:

  • Package managers: Use tools like npm, Homebrew, or Scoop for a quick installation.

  • Docker: Run Snyk in a container for a consistent scanning environment.

  • GitHub Actions and CI/CD: Use pre-built integrations to automate scanning within your deployment pipelines.

  • Direct binary download: Download a standalone executable for Windows, MacOS, or Linux.

After you install the CLI, authenticate your Snyk account to start scanning your Snyk Projects. For more information, visit Authenticate to use the CLI.

The Snyk CLI does not natively support Windows Subsystem for Linux (WSL). You can install and use the CLI in a WSL environment, but Snyk does not guarantee compatability. Consequently, Snyk integrations that rely on the CLI, such as IDE extensions and CI/CD plugins, do not natively support WSL.

Common installation steps

Regardless of your choice of tool, there are common steps to ensuring your installation of the Snyk CLI is a success:

  1. Install the Snyk CLI using your preferred method.

  2. Verify the installed Snyk CLI version using snyk --version.

  3. Authenticate the Snyk CLI to your account.

To learn how to upgrade the Snyk CLI for your chosen tool, visit Upgrade the Snyk CLI.

To use CLI releases before version 1.1230.0 on an Apple M1 or M2 machine (darwin/arm64), visit Using CLI releases before version 1.1230.0 on an Apple M1 or M2 machine.

Installation methods

Package managers

Install with Homebrew (MacOS and Linux)

For Apple M1 or M2 (darwin/arm64), visit Using CLI releases before version 1.1230.0 on an Apple M1 or M2 machine.

  1. Install and verify Homebrew using any method specified in their documentation. Visit Install Homebrew for more information.

  2. Install Homebrew Tap for Snyk. The tap is updated daily with the latest Snyk CLI release.

  3. Install the Snyk CLI for Homebrew:

  4. Verify that the installation has succeeded:

  5. Authenticate. For more details, visit Authenticate locally.

Install with npm

Ensure you have permission to install global npm packages and network access to the npm registry to have a successful installation.

  1. For Snyk CLI version 1.853.0 or later, install the latest version of npm on your machine using Node.js version 12 or later and npm version 7 or later.

  2. Install the npm package:

  3. Authenticate. For more details, visit Authenticate locally.

Install with Yarn

  1. Install with Yarn by running the command:

  2. Authenticate. For more details, visit Authenticate locally.

Install with Scoop (Windows)

  1. Add the official Snyk bucket to your machine:

  2. Install the Snyk CLI:

  3. Verify that the installation has succeeded:

  4. Authenticate. For more details, visit Authenticate locally.

Docker

Snyk offers multiple Docker images under snyk/snyk on Docker Hub. To learn more, visit snyk/snyk-images on GitHub.

Snyk provides a universal image and specialized images for specific package managers:

  • Universal: snyk/snyk

  • Language specific: snyk/snyk:node, snyk/snyk:maven, snyk/snyk:python, and so on.

Download the pre-packaged tools using the following command, specifying the universal or language specific image of your choosing:

Authenticate the connection. For more details, visit Authentication in Docker.

GitHub actions and CI/CD

GitHub actions

  1. In your Snyk account, navigate to Account Settings and copy your Auth token. Use a Service Account Token if you are an Enterprise plan user, to protect your pipeline from breaking if you as an individual leave the comapny.

  2. Navigate to Settings > Secrets and variables > Actions, and create a New repository secret in the format:

    1. Name: SNYK_TOKEN

    2. Secret: Your Snyk Auth token or Service Account Token

  3. In GitHub repository:

    1. Create a folder named .github.

    2. Within that folder, create another folder named workflows.

    3. Create a file named snyk-scan.yml. The entire filepath should be .github/workflows/snyk.yml.

    4. Add your YAML code to this file and commit it:

CI/CD

For detailed instructions on using the Snyk CLI with CI/CD integrations, visit Snyk CI/CDs.

Direct binary download

When using standalone executables, you must keep the Snyk CLI up to date manually.

Snyk provides standalone executables on the Snyk Content Delivery Network (CDN). For the latest download links, visit the latest release.json file.

For instructions on how to verify the shasum of downloaded binaries and their GPG signatures, visit Verifying CLI standalone binaries.

Install for MacOS and Linux

If you are unsure about which architecture you have, run uname -m. arm64 or aarch64 means ARM; x86_64 or amd64 means Intel or AMD.

Download the standalone binary for your operating system and CPU architecture, make it executable, then move it onto your PATH.

  1. Download the binary that matches your system:

  1. Make the downloaded file executable:

  1. Move it to a folder in your PATH:

Install for Windows

For Windows, download the .exe and manually add its location to your system variables.

  1. Download snyk-win.exe

  2. Rename the file from snyk-win.exe to just snyk.exe.

  3. Move it to a permanent folder (for example, C:\tools\snyk\).

  4. Add to PATH:

    1. Search for Environment Variables in your Start Menu.

    2. Under System Variables, find Path and click Edit.

    3. Add the path to the folder where you saved the .exe (e.g., C:\tools\snyk\).

PreviousGetting started with the Snyk CLINextVerifying CLI standalone binaries

Last updated

Was this helpful?