# Install snyk-cli with Homebrew, Nix, winget

Scans and monitors projects for security vulnerabilities. Version 1.1305.2 via Homebrew; verified 2026-06-24.

## Install

```sh
sudo av install brew:snyk-cli
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install snyk-cli
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#snyk
```

  Evidence: nixpkgs package indexes: pkgs/by-name/sn/snyk/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

### Windows

- winget (92%):

```sh
winget install --id Snyk.Snyk -e
```

  Evidence: Windows Package Manager source index: Snyk.Snyk from https://cdn.winget.microsoft.com/cache/source.msix

## Package facts

- **Package key:** brew:snyk-cli
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/snyk-cli>
- **Version:** 1.1305.2
- **Source summary:** Scans and monitors projects for security vulnerabilities
- **Homepage:** <https://snyk.io>
- **Repository:** <https://github.com/snyk/cli>
- **Upstream docs:** <https://docs.snyk.io/developer-tools/snyk-cli>
- **License:** Apache-2.0
- **Source archive:** <https://registry.npmjs.org/snyk/-/snyk-1.1305.2.tgz>
- **Last updated:** 2026-06-24T14:11:54Z
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- snyk (cli)
- snyk (alias)

## Dependencies

- node

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 1.1305.2
- Package-manager updated: 2026-06-24
- Local data: ok
- Upstream repository: https://snyk.io
- info: Release/tag comparison is only available for GitHub repositories.
## Project history and usage

Snyk CLI is the `snyk` command-line client for bringing Snyk's vulnerability scanning and monitoring into local development, IDEs, and CI/CD pipelines. In package-manager culture it is a canonical security scanner package: install it globally, authenticate it, run it against dependency manifests, source code, container images, and IaC files, then wire it into automation.

### Project history

The public GitHub repository was created in 2015 and the official README describes the CLI as a developer-first, cloud-native security tool for scanning and monitoring software projects. Snyk's docs position it as the command-line entry point for Open Source, Code, Container, and IaC scanning.

The README records an important governance change on July 22, 2024: Snyk CLI stopped accepting external contributions while continuing development in public. It also says release channels were introduced in April 2024 as Snyk focused on stabilizing releases.

### Adoption history

Official installation docs list package managers such as npm, Homebrew, and Scoop, plus Docker and standalone binaries. The input records Homebrew, Nix, and WinGet packages, matching the CLI's role across macOS, Linux, Windows, and CI systems.

### How it is used

Users authenticate a machine, then run commands such as `snyk test`, `snyk monitor`, `snyk code test`, `snyk container test`, and `snyk iac test`. The CLI detects supported project manifests, reports vulnerability paths and fix guidance, and can create monitored snapshots in Snyk's web UI.

### Why package nerds care

Package nerds care because Snyk CLI sits directly on package-manager metadata: manifests, lockfiles, dependency graphs, container images, IaC files, global npm/Homebrew/Scoop installs, signed release assets, and machine-local credentials. It is a package that audits other packages.

### Timeline

- 2015: Public GitHub repository created.
- 2023: GitHub releases show the v1.1249 series in the public release stream.
- 2024: Release channels introduced in April, according to the README.
- 2024: External contributions closed on July 22, according to the README.
- 2026: GitHub releases show the v1.1305 series in the active release stream.

### Related projects

- Related Snyk tools include Snyk Open Source, Snyk Code, Snyk Container, Snyk IaC, Snyk IDE plugins, Snyk CI/CD integrations, and Snyk CLI extensions.

### Sources

- <https://docs.snyk.io/developer-tools/snyk-cli>
- <https://docs.snyk.io/developer-tools/snyk-cli/snyk-cli/install-the-snyk-cli>
- <https://docs.snyk.io/developer-tools/snyk-cli/snyk-cli/releases-and-channels-for-the-snyk-cli>
- <https://github.com/snyk/cli>
- <https://github.com/snyk/cli/releases>


## Security Notes

No matching local secret-handling manifest was found for snyk-cli. Nucleus package metadata is still published here so future coverage has a stable package URL.



## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ~/.config/configstore/snyk.json

## Credential files

- Unix: ~/.config/configstore/snyk.json
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** snyk-cli
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Nix - snyk: installed executable or alias match | nixpkgs package indexes: pkgs/by-name/sn/snyk/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- winget - Snyk.Snyk: installed executable or alias match | Windows Package Manager source index: Snyk.Snyk from https://cdn.winget.microsoft.com/cache/source.msix


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Package ecosystem packages](https://www.automicvault.com/pkg/package-ecosystem-tools/) - Matched package manager, installer, dependency, registry, or publishing metadata.
- [node](https://www.automicvault.com/pkg/brew/node/) - Runtime dependency declared by Homebrew.
- [clair](https://www.automicvault.com/pkg/brew/clair/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [govulncheck](https://www.automicvault.com/pkg/brew/govulncheck/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [bomber](https://www.automicvault.com/pkg/brew/bomber/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [grype](https://www.automicvault.com/pkg/brew/grype/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [nuclei](https://www.automicvault.com/pkg/brew/nuclei/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [osv-scanner](https://www.automicvault.com/pkg/brew/osv-scanner/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [safety](https://www.automicvault.com/pkg/brew/safety/) - Shares av.db curated category or tags: cli, dependency-scanning, security, vulnerability-scanning.
- [terrapin-scanner](https://www.automicvault.com/pkg/brew/terrapin-scanner/) - Shares av.db curated category or tags: cli, security, vulnerability-scanning.
- [snyk-agent-scan](https://www.automicvault.com/pkg/brew/snyk-agent-scan/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, scanning, security, snyk, vulnerabilities.

## Combined YAML source

View the package source record on GitHub. [combined/snyk-cli.yml](https://github.com/automic-vault/db/blob/main/combined/snyk-cli.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
