Nadie Programa más


    1.1066.0 • Public • Published

    Snyk CLI

    Snyk scans and monitors your projects for security vulnerabilities.

    Snyk CLI screenshot

    What is Snyk?

    Snyk is a developer-first cloud-native security tool. It covers multiple areas of application security:

    1. Snyk Open Source: Find and automatically fix open source vulnerabilities
    2. Snyk Code: Find and fix vulnerabilities in your application code in real time
    3. Snyk Container: Find and fix vulnerabilities in container images and Kubernetes applications
    4. Snyk Infrastructure as Code: Find and fix insecure configurations in Terraform and Kubernetes code

    Learn more about what Snyk can do and sign up for a free account »

    What is Snyk CLI?

    Snyk CLI brings the functionality of Snyk into your development workflow. It can be run locally or in your CI/CD pipeline to scan your projects for security issues.

    Supported languages and tools

    Snyk supports many languages and tools, including Java, .NET, JavaScript, Python, Golang, PHP, C/C++, Ruby, Scala and more. See our Language Support documentation.

    CLI also supports Docker scanning and Terraform, k8s and other Infrastructure as Code files scanning.

    Install Snyk CLI

    Snyk CLI can be installed through multiple channels.

    Install with npm or Yarn

    Snyk CLI is available as an npm package. If you have Node.js installed locally, you can install it by running:

    npm install snyk@latest -g

    or if you are using Yarn:

    yarn global add snyk

    More installation methods

    Standalone executables (macOS, Linux, Windows)

    Standalone executables

    Use GitHub Releases to download a standalone executable of Snyk CLI for your platform.

    We also provide these standalone executables on our official CDN. See the release.json file for the download links:
    # Or for specific version or platform

    For example, to download and run the latest Snyk CLI on macOS, you could run:

    curl -o snyk
    chmod +x ./snyk
    mv ./snyk /usr/local/bin/

    You can also use these direct links to download the executables:

    Drawback of this method is, that you will have to manually keep the Snyk CLI up to date.

    Verifying standalone binaries

    You can verify both shasum of downloaded binaries and their GPG signatures.

    Download location on contains a file called sha256sums.txt.asc. You can download it directly or for a specific version like

    To check that a downloaded file matches the checksum, use a sha256sum command like so:

    grep snyk-macos sha256sums.txt.asc | sha256sum -c -

    If you want to verify Snyk CLI standalone binaries against Snyk CLI GPG key, you will need to import it first:

    # 68BFBCCEB7794E6FC06A2044A29C32E91F4B9569 is the key belonging to
    # Copy of this public key is also in this repository /help/_about-this-project/snyk-code-signing-public.pgp
    gpg --keyserver hkps:// --recv-keys 68BFBCCEB7794E6FC06A2044A29C32E91F4B9569

    Then verify the file is signed with:

    gpg --verify sha256sums.txt.asc

    Command output should look like:

    gpg: Signature made Mon Apr 25 16:55:01 2022 CEST
    gpg:                using RSA key 68BFBCCEB7794E6FC06A2044A29C32E91F4B9569
    gpg: Good signature from "Snyk Limited <>" [unknown]
    gpg: WARNING: This key is not certified with a trusted signature!
    gpg:          There is no indication that the signature belongs to the owner.
    Primary key fingerprint: 68BF BCCE B779 4E6F C06A  2044 A29C 32E9 1F4B 9569
    Install with Homebrew (macOS, Linux)


    Install Snyk CLI from Snyk tap with Homebrew by running:

    brew tap snyk/tap
    brew install snyk
    Scoop (Windows)


    Install Snyk CLI from our Snyk bucket with Scoop on Windows:

    scoop bucket add snyk
    scoop install snyk
    Snyk CLI in a Docker image

    Snyk CLI in a Docker image

    Snyk CLI can also be run from a Docker image. Snyk offers multiple Docker tags under snyk/snyk. These images wrap the Snyk CLI and depending on the Tag come with a relevant tooling for different projects. See the snyk/images on GitHub for more details and examples.

    Install as a part of a Snyk CLI integration

    Snyk also offers many integrations into developer tooling. These integrations will install and manage the Snyk CLI for you. For example:

    Snyk CLI IDE integration

    Getting started with Snyk CLI

    Once you installed the Snyk CLI, you can verify it's working by running:

    snyk --help

    See the full Snyk CLI help.

    Authenticating Snyk CLI

    Snyk CLI depends on APIs. Connect your Snyk CLI with by running:

    snyk auth

    Setting up language support

    Depending on your project's language, you might need to setup your language environment before using Snyk.

    See our Language Support documentation.

    Scanning your project

    If you are already in a folder with a supported project, start by running:

    snyk test

    Or scan a Docker image by its tag with Snyk Container:

    snyk container test ubuntu:18.04

    Or a k8s file:

    snyk iac test /path/to/kubernetes_file.yaml

    Monitoring your project

    Snyk can also monitor your project periodically and alert you for new vulnerabilities. The snyk monitor is similar to snyk test and can be used to create a project on the Snyk website that will be continuously monitored for new vulnerabilities.

    Snyk CLI monitor projects

    > snyk monitor
    Monitoring /project (project-name)...
    Explore this snapshot at
    Notifications about newly disclosed issues related to these dependencies will be emailed to you.

    Add Snyk to your CI/CD

    Snyk is really powerful when you are continuously scanning and monitoring your projects for vulnerabilities.

    Use one of our integrations to stay secure.

    You can authorize Snyk CLI in your CI/CD programatically:

    # Using a SNYK_TOKEN envvar (preferred)
    # Or using a Snyk auth command
    snyk auth <SNYK_API_TOKEN>
    snyk test

    More flags and options to try

    Here are some flags that you might find useful:

    • --severity-threshold=low|medium|high|critical

      Only report vulnerabilities of provided level or higher.

    • --json

      Prints results in JSON format.

    • --all-projects

      Auto-detect all projects in working directory

    See all the available commands and options by running --help:

    snyk --help
    # or get help for a specific command like
    snyk iac --help
    snyk code --help

    Getting support

    If you need support using Snyk CLI, please contact support.

    We do not actively monitor GitHub Issues so any issues there may go unnoticed.


    If you are an external contributor, before working on any contributions, please first contact support to discuss the issue or feature request with us.

    If you are contributing to Snyk CLI, see our contributing guidelines

    For information on how Snyk CLI is implemented, see our design decisions.

    This repository is a monorepo, also covering other projects and tools:


    For any security issues or concerns, please see file in this repository.


    Snyk API usage policy

    The use of Snyk's API, whether through the use of the 'snyk' npm package or otherwise, is subject to the Terms & Conditions.

    Made with 💜 by Snyk


    npm i snyk

    DownloadsWeekly Downloads






    Unpacked Size

    40.7 MB

    Total Files


    Last publish


    • snyk-admin