Snyk Documentation

Getting started with our CLI

The Snyk CLI helps you find and fix known vulnerabilities in your dependencies, both manually and as part of your continuous integration (CI) system.

This page summarizes the basic steps for using the Snyk CLI to test your code:

Installing the Snyk CLI

Install the Snyk CLI via:

  • npm – npm install -g snyk
  • A manual installer available from Snyk’s GitHub

For more detailed installation guidance and options, see CLI - Installation.

Authenticating the Snyk app

Snyk commands require authentication via GitHub, Bitbucket or Google. No repository permissions are needed at this stage, only your email address.

To authenticate Snyk, run snyk auth from the CLI.

For more authentication options, see CLI – Authentication.

Running a test

Once installed and authenticated, change directory into a folder containing a supported package manifest file (package.json, pom.xml, composer.lock, etc.) and run:

cd /my/project/
snyk test

This will show all vulnerabilities identified, their path, and remediation guidance. To monitor your project regularly and receive ongoing notifications when new vulnerabilities are introduced, see Monitoring your project.

Monitoring your project

New vulnerabilities are constantly disclosed - which is where monitoring comes in. Once you set up your project to be monitored, Snyk regularly tests your code and notifies you whenever new vulnerabilities are introduced.

  1. Open a terminal from your project directory and run snyk monitor.
    This command takes a snapshot of your current dependencies so we can regularly scan your code, and notify you about newly disclosed vulnerabilities as they are introduced, or when a previously unavailable patch or upgrade path is created.
  2. Log in to the Snyk app and navigate to to see the latest snapshot and scan results.
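
The test and monitor steps above, combined into a gate for a CI job. This is an added example, not part of Snyk's documentation: the function names classify_snyk_exit and snyk_gate are hypothetical, and it assumes the CLI is installed and already authenticated. Exit statuses 0 to 3 are the ones the snyk CLI documents for snyk test.

```shell
#!/bin/sh
# Added example: wrap `snyk test` and `snyk monitor` for use in CI.
# Assumes snyk is on PATH and authenticated (snyk auth, or SNYK_TOKEN in CI).

# Translate the exit status of `snyk test` into a label.
classify_snyk_exit() {
    case "$1" in
        0) echo clean ;;        # scan completed, no vulnerabilities found
        1) echo vulnerable ;;   # scan completed, vulnerabilities found
        2) echo error ;;        # CLI failure, re-run the command
        3) echo no-manifest ;;  # no supported project detected
        *) echo unknown ;;      # e.g. 127 when snyk is not installed
    esac
}

# Test one project directory, then snapshot it for monitoring.
# Returns the `snyk test` status, or 2 if the directory or snapshot fails.
snyk_gate() {
    project_dir="$1"
    if [ ! -d "$project_dir" ]; then
        echo "no such directory: $project_dir" >&2
        return 2
    fi

    # Subshell keeps the caller's working directory unchanged.
    status=0
    ( cd "$project_dir" && snyk test ) || status=$?
    verdict=$(classify_snyk_exit "$status")
    echo "snyk test: $verdict (exit $status)" >&2

    case "$verdict" in
        clean|vulnerable)
            # Design choice of this example: snapshot whenever the scan
            # completed, so later disclosures still produce notifications.
            if ! ( cd "$project_dir" && snyk monitor ); then
                echo "snyk monitor failed" >&2
                return 2
            fi
            ;;
    esac
    # Non-zero fails the build; a scan that did not complete (2, 3, other)
    # is never treated as a pass.
    return "$status"
}

# Usage in a CI step:  snyk_gate /my/project/ || exit $?
```
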

What's next

Run snyk help or see Snyk CLI for the full list of commands and capabilities.

We also have a handy cheat sheet available.