Install the Snyk CLI
Use our Snyk CLI tool to find and fix known vulnerabilities in your dependencies, both ad hoc and as part of your CI (Build) system.
The Snyk CLI requires you to authenticate with your account before using it.
Install the Snyk CLI using one of these options:

Install the Snyk CLI with npm or Yarn

Install our Snyk CLI tool using npm.
Prerequisites:
Steps:
Snyk CLI is available as an npm package. If you have Node.js installed locally, you can install it by running:
1
npm install [email protected] -g
Copied!
or if you are using Yarn:
1
yarn global add snyk
Copied!
Once installed, you need to authenticate with your Snyk account:
1
snyk auth
Copied!
To test your installation change directory into a folder containing a supported package manifest file (package.json, pom.xml, composer.lock, etc.) and run:
1
cd /my/project/
2
snyk test
Copied!
Alternatively, you can perform a quick test on a public npm package, for instance:
1
snyk test ionic
Copied!
As you can see, Snyk found and reported several vulnerabilities in the package. For each issue found, Snyk provides the severity of the issue, a link to a detailed description, the path through which the vulnerable module got into your system, and guidance on how to fix the problem.

More installation methods

Standalone executables (macOS, Linux, Windows)

Standalone executables

Use GitHub Releases to download a standalone executable of Snyk CLI for your platform.
We also provide these standalone executables on our official CDN. See the release.json file for the download links:
1
https://static.snyk.io/cli/latest/release.json
2
3
# Or for specific version or platform
4
https://static.snyk.io/cli/v1.666.0/release.json
5
https://static.snyk.io/cli/latest/snyk-macos
Copied!
For example, to download and run the latest Snyk CLI on macOS, you could run:
1
curl https://static.snyk.io/cli/latest/snyk-macos -o snyk
2
chmod +x ./snyk
3
mv ./snyk /usr/local/bin/
Copied!
You can also use these direct links to download the executables:
Drawback of this method is, that you will have to manually keep the Snyk CLI up to date.

Install with Homebrew (macOS, Linux)

Install Snyk CLI from Snyk tap with Homebrew by running:
1
brew tap snyk/tap
2
brew install snyk
Copied!

Scoop (Windows)

Install Snyk CLI from our Snyk bucket with Scoop on Windows:
1
scoop bucket add snyk https://github.com/snyk/scoop-snyk
2
scoop install snyk
Copied!

Snyk CLI in a Docker image

Snyk CLI can also be run from a Docker image. Snyk offers multiple Docker images under snyk/snyk-cli and snyk/snyk (snyk/images on GitHub for more details).
These images wrap the Snyk CLI and depending on the Tag come with a relevant tooling for different projects. For example scanning a Gradle project with snyk/snyk-cli:
1
docker run -it
2
-e "SNYK_TOKEN=<TOKEN>"
3
-e "USER_ID=1234"
4
-v "<PROJECT_DIRECTORY>:/project"
5
-v "/home/user/.gradle:/home/node/.gradle"
6
snyk/snyk-cli:gradle-5.4 test --org=my-org-name
Copied!

Install as a part of a Snyk CLI integration

Snyk also offers many integrations into developer tooling. These integrations will install and manage the Snyk CLI for you. For example:
Once you've completed installation, get started testing and remediating your vulnerabilities with our Getting started guide and our full list of our CLI commands, options and arguments.

Getting started with Snyk CLI

Once you installed the Snyk CLI, you can verify it's working by running
1
snyk --version
Copied!

Authorization

Snyk CLI depends on Snyk.io APIs. Connect your Snyk CLI with Snyk.io by running:
1
snyk auth
Copied!

Scanning your project

If you are already in a folder with a supported project, start by running:
1
snyk test
Copied!
Or scan a Docker image by its tag with Snyk Container:
1
snyk container test ubuntu:18.04
Copied!
Or a k8s file:
1
snyk iac test /path/to/kubernetes_file.yaml
Copied!

Monitoring your project

Snyk can also monitor your project periodically and alert you for new vulnerabilities. The snyk monitor is similar to snyk test and can be used to create a project on the Snyk website that will be continuously monitored for new vulnerabilities.
For any security issues or concerns, please see SECURITY.md file in this repository.

Security

This repository is a monorepo, also covering other projects and tools:
This project is open source but we don't encourage outside contributors.

Contributing

GitHub Issues on any Snyk project are not actively monitored by Snyk support.
We recommend reaching out via the [email protected] email whenever you need help with Snyk CLI or Snyk in general.

Getting support

1
snyk --help
2
# or get help for a specific command like
3
snyk iac --help
4
snyk code --help
Copied!
See all the available commands and options by running --help:
    --severity-threshold=low|medium|high|critical
    Only report vulnerabilities of provided level or higher.
    --json
    Prints results in JSON format.
    --all-projects
    Auto-detect all projects in working directory
Here are some flags that you might find useful:

More flags and options to try

1
# Using a SNYK_TOKEN envvar (preferred)
2
SNYK_TOKEN=<SNYK_API_TOKEN> snyk test
3
4
# Or using a Snyk auth command
5
snyk auth <SNYK_API_TOKEN>
6
snyk test
Copied!
You can authorize Snyk CLI in your CI/CD programmatically:
Use one of our integrations to stay secure.
Snyk is really powerful when you are continuously scanning and monitoring your projects for vulnerabilities.

Add Snyk to your CI/CD

1
> snyk monitor
2
Monitoring /project (project-name)...
3
4
Explore this snapshot at https://app.snyk.io/org/my-org/project/29361c2c-9005-4692-8df4-88f1c040fa7c/history/e1c994b3-de5d-482b-9281-eab4236c851e
5
6
Notifications about newly disclosed issues related to these dependencies will be emailed to you.
Copied!
See also:
Last modified 9d ago