The Snyk Command Line Interface (CLI) helps you find and fix known vulnerabilities in your dependencies, both manually and as part of your Continuous Integration (CI) build system.
See Language Support for details about package managers and languages that the CLI supports.
Before testing for vulnerabilities you must build your project, unless it has one of the following lock files:
Examples of how to build/install your project:
Once installed and authenticated, change directory into a folder containing a supported package manifest file (package.json, pom.xml, composer.lock, etc.) and run:
All vulnerabilities identified are listed, including their path, and remediation guidance. To monitor your project regularly and receive ongoing notifications when new vulnerabilities are introduced, see Monitor your projects at regular intervals.
Snyk uses monitoring to regularly test your code and notify you when new vulnerabilities are introduced. To set up your project to be monitored:
Open a terminal from your project directory and run
This command takes a snapshot of your current dependencies so Snyk can regularly scan your code, and notify you about newly disclosed vulnerabilities as they are introduced, or when a previously unavailable patch or upgrade path is created.
Log in to the Snyk app and navigate to the Projects page to see the latest snapshot and scan results.
snyk help or see Our full CLI reference.