The Snyk CLI connects to snyk.io over HTTPS, authenticates your machine with your account, and then helps you find and fix known vulnerabilities in your dependencies, both manually and as part of your continuous integration (CI) system.
brew tap snyk/tap && brew install snyk
scoop bucket add snyk https://github.com/snyk/scoop-snyk
A manual installer is available from Snyk’s GitHub.
For more detailed installation guidance and options, see Install the Snyk CLI.
Once installed and authenticated, change directory into a folder containing a supported package manifest file (package.json, pom.xml, composer.lock, etc.) and run:
All identified vulnerabilities are listed, including their path and remediation guidance. To monitor your project regularly and receive ongoing notifications when new vulnerabilities are introduced, see Monitor your projects at regular intervals.
New vulnerabilities are constantly disclosed - which is where monitoring comes in. Once you set up your project to be monitored, Snyk regularly tests your code and notifies you whenever new vulnerabilities are introduced.
Open a terminal from your project directory and run
This command takes a snapshot of your current dependencies so we can regularly scan your code, and notify you about newly disclosed vulnerabilities as they are introduced, or when a previously unavailable patch or upgrade path is created.
Log in to the Snyk app and navigate to snyk.io/monitor to see the latest snapshot and scan results.
Run snyk help or see our full CLI reference.