1. Knowledge Center | Snyk
  2. Snyk CLI
  3. Guides for our CLI

Articles in this section

Getting started with the CLI

The Snyk CLI, connects to snyk.io over https, authenticates your machine with your account, and then helps you find and fix known vulnerabilities in your dependencies, both manually and as part of your continuous integration (CI (Build)) system.

Install the Snyk CLI

  • npm – npm install -g snyk

  • Homebrew – brew tap snyk/tap && brew install snyk

  • Scoop - scoop bucket add snyk https://github.com/snyk/scoop-snyk

  • A manual installer available from Snyk’s GitHub

For more detailed installation guidance and options, see Install the Snyk CLI.

 

Authenticate from the browser

To associate your Snyk account with the CLI, you must first authenticate your machine. No repository permissions are needed at this stage, only your email address.

To authenticate:

  1. Run snyk auth from the CLI.

    A browser tab opens, redirecting you to authenticate the CLI for use with your account.

  2. Click Authenticate.

    The authentication ends and you can go back to your terminal to continue working.

    authenticate_snykauth.gif

For more authentication options and information, see CLI – Authentication.

Build your project

Before testing for vulnerabilities you must build your project, unless it has one of the following lock files in which case a build is not required:

  • package-lock.json 
  • yarn.lock  
  • Gemfile.lock  
  • paket.lock

Examples of how to build/install your project:

npm install
mvn install
gradle build
dotnet restore
dep ensure

Test for vulnerabilities

Once installed and authenticated, change directory into a folder containing a supported package manifest file (package.json, pom.xml, composer.lock, etc.) and run:

cd /my/project/

snyk test

All vulnerabilities identified are listed, including their path, and remediation guidance. To monitor your project regularly and receive ongoing notifications when new vulnerabilities are introduced, see Monitor your projects at regular intervals.

 

Monitor your project

New vulnerabilities are constantly disclosed - which is where monitoring comes in. Once you set up your project to be monitored, Snyk regularly tests your code and notifies you whenever new vulnerabilities are introduced.

  1. Open a terminal from your project directory and run snyk monitor.

    This command takes a snapshot of your current dependencies so we can regularly scan your code, and notify you about newly disclosed vulnerabilities as they are introduced, or when a previously unavailable patch or upgrade path is created.

  2. Log in to the Snyk app and navigate to snyk.io/monitor to see the latest snapshot and scan results.

 

What's next

Run snyk help or see Our full CLI reference.

We also have a handy cheat sheet available and a video tutorial.

 
See also