Eclipse plugin

Snyk offers IDE integrations that allow you to use the functionality of Snyk in your Integrated Development Environment. This page describes the Snyk Eclipse plugin. For information about all of the IDE plugins and their use, see Snyk for IDEs in the docs.
The Snyk Eclipse plugin provides analysis of your code, containers, and Infrastructure as Code configurations.
Snyk scans for vulnerabilities, open source license issues, code quality, and infrastructure misconfigurations and returns results with security issues categorized by issue type and severity.
For open source, you receive automated, algorithm-based fix suggestions for both direct and transitive dependencies. This single plugin provides a Java vulnerability scanner or an open-source security scanner.
Snyk scans for the following types of issues:
​Open Source Security - security vulnerabilities and license issues in both the direct and in-direct (transitive) open-source dependencies pulled into the Snyk Project. See also the Open Source docs.
​Code Security and Code Quality - security vulnerabilities and quality issues in your code. See also the Snyk Code docs.
​Infrastructure as Code (IaC) Security - configuration issues in your IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager. See also the Snyk Infrastructure as Code docs.
After you have installed and configured the Eclipse plugin, every time you run it, open a file, or autosave, Snyk scans the manifest files, proprietary code, and configuration files in your project. Snyk delivers actionable vulnerability, license, code quality, or misconfiguration issue details and displays the results natively within the Eclipse UI.
This page explains supported environments, support, and giving feedback and provides installation instructions. After you complete the steps on this page, you will continue by following the instructions in the other Eclipse plugins docs:
​Download the CLI and language server with the Eclipse plugin​
​Authentication for the Eclipse plugin​
​Configuration of the Eclipse plugin​
​Environment variables for the Eclipse plugin​
​Use the Snyk plugin to secure your Eclipse projects​
​SAST scanning results (SAST, Snyk Code)​
​Misconfiguration scanning results (Snyk Infrastructure as Code)​
​Third party dependency scanning (SCA, Snyk Open Source)​
​Troubleshooting for the Eclipse plugin​
Where you can download the Eclipse plugin
Eclipse Marketplace (recommended): https://marketplace.eclipse.org/content/snyk-security-code%E2%80%8B-open-source%E2%80%8B-iac-configurations​
Preview update site (CI/CD, on commit): https://storage.googleapis.com/snyk-eclipse-plugin-test/preview/repository/​
Update site (weekly): https://storage.googleapis.com/snyk-eclipse-plugin/weekly/repository/​
Manual downloads: https://github.com/snyk/snyk-eclipse-plugin/releases​
Signing Information for Jars
If you want to verify the correct provenance of your download, please verify the signing details from the Eclipse dialog with this data.
The signing key details to verify the integrity and origin of the download plugin
The plugin runs on
macOS
Linux
Windows
Supported Eclipse Versions
2022-06
2022-03
2021-12
2021-09
2021-06
2021-03
Supported languages, package managers, and frameworks
For Snyk Open Source, the Eclipse plugin supports the languages and package managers supported by Snyk Open Source and the CLI except C/C++. See Open Source - Supported languages and package managers.
For Snyk Code, the Eclipse plugin supports all the languages and frameworks supported by Snyk Code.
For Snyk IaC, the Eclipse plugin supports the following IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager.
How to install the Snyk Eclipse plugin
Navigate to the Marketplace from your running Eclipse instance. Search for Snyk and click Install.
Eclipse Marketplace search showing Snyk plugin and Install button
When prompted accept the license agreement add the Snyk Security certificate to complete the installation (this happens only once).
Add Snyk Security certificate
Restart the Eclipse instance:
Restart Eclipse
Once Eclipse is restarted, navigate to Eclipse Preferences to ensure that Snyk now appears in the list:
Eclipse preferences showing Snyk.
When you open the preferences you can opt out of downloading the CLI through the plugin and thus use your own installation of the CLI.
Continue with the steps to Download the CLI and language server with the Eclipse plugin.
Support and feedback
If you need help, submit a request to Snyk Support.
Snyk continuously strives to improve the Snyk plugins experience. If you would you like to share your feedback about the Snyk Eclipse plugin, schedule a meeting.

Snyk for IDEs

Download the CLI and language server with the Eclipse plugin

Last modified 20d ago

Export as PDF

Copy link

Edit on GitHub

On this page

Where you can download the Eclipse plugin

Supported Eclipse Versions

Supported languages, package managers, and frameworks

How to install the Snyk Eclipse plugin

Support and feedback