Install and Use Snyk CLI on Windows 10/11 with Easy Steps

By Posted on

Install and Use Snyk CLI on Windows 10/11 with Easy Steps

Install and Use Snyk CLI on Windows 10/11 with Easy Steps

This tutorial intends to teach you how to Install and Use Snyk CLI on Windows. The Snyk command line interface (CLI) is a great choice to find and scan your source code for security vulnerabilities. You can follow the steps on the Orcacore website to install Snyk CLI on your Windows by using the Scoop package manager. Also, you can use these installation steps on both Windows 10 and Windows 11.

To set up Windows Snyk CLI, you must log in to your Windows Client which is Windows 10 or Windows 11, and follow the steps below.

Step 1 – Run PowerShell on Windows

The first step is to run your PowerShell as an administrator. In your search bar type PowerShell and right-click on it and choose Run as an Administrator.

For more information, you can visit this guide Run PowerShell as Administrator on Windows.

Step 2 – Install Scoop on Windows

At this point, you must have installed the Scoop package manager to set up your Windows Snyk CLI.

From your PowerShell console, run the following command to set the permission to install Scoop:

Set-ExecutionPolicy RemoteSigned -Scope CurrentUser

You will be asked to:

Do you want to change the execution policy?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): y

Simply type “y” and continue.

Then, download and install the Scoop by using the following installer script:

Invoke-Expression "& {$(Invoke-RestMethod get.scoop.sh)} -RunAsAdmin"

When your installation is completed, you will get the following output:

**Output**
Initializing...
Downloading ...
Extracting...
Creating shim...
Adding ~scoopshims to your path.
Scoop was installed successfully!
Type 'scoop help' for instructions.

Now you have Scoop package manager installed on your Windows.

If you want more information about Scoop, you can check this guide on Install and Use Scoop on Windows.

Step 3 – Install Snyk on Windows

At this point, you can easily set up your Windows Snyk CLI. To do this, follow the steps below:

First, you install git by using the Scoop command:

scoop install git

Then, use the following Scoop command to add the Snyk bucket on your Windows system:

scoop bucket add snyk https://github.com/snyk/scoop-snyk

Finally, use the following command to install Windows Snyk CLI:

scoop install snyk

When your installation is completed, you will get the following output:

[Image of Windows Snyk CLI installation output]

Also, you can verify your Windows Snyk CLI installation by checking its version:

snyk --version
**Output**
1.1159.0

Step 4 – Test Windows Snyk CLI

To get full information about Snyk, from your PowerShell simply run the following command:

snyk

You should get the following output:

**Output**
CLI help
  Snyk CLI scans and monitors your projects for security vulnerabilities and license issues.

  For more information visit the Snyk website https://snyk.io

  For details see the CLI documentation https://docs.snyk.io/features/snyk-cli

**How to get started**
  1. Authenticate by running snyk auth
  2. Test your local project with snyk test
  3. Get alerted for new vulnerabilities with snyk monitor

**Available commands**
  To learn more about each Snyk CLI command, use the --help option, for example, snyk auth --help.

  Note: The help on the docs site is the same as the --help in the CLI.

  snyk auth
    Authenticate Snyk CLI with a Snyk account.

  snyk test
    Test a project for open source vulnerabilities and license issues.

    Note: Use snyk test --unmanaged to scan all files for known open source dependencies (C/C++
    only).

  snyk monitor
    Snapshot and continuously monitor a project for open source vulnerabilities and license issues.

  snyk container
    Test container images for vulnerabilities.

  snyk iac
    Commands to find and manage security issues in Infrastructure as Code files.

  snyk code
    Find security issues using static code analysis.

  snyk sbom
    Produce an SBOM for a local software project in an ecosystem supported by Snyk.

  snyk log4shell
    Find Log4Shell vulnerability.

  snyk config
    Manage Snyk CLI configuration.

  snyk policy
    Display the .snyk policy for a package.

  snyk ignore
    Modify the .snyk policy to ignore stated issues.

Debug
  Use -d option to output the debug logs.

Configure the Snyk CLI
  You can use environment variables to configure the Snyk CLI and also set variables to configure the
  Snyk CLI to connect with the Snyk API. See Configure the Snyk CLI
  https://docs.snyk.io/features/snyk-cli/configure-the-snyk-cli

As you can see from the output, you can easily use Snyk to authenticate your Snyk CLI with a Snyk account, Test your projects, and Monitor your projects for vulnerabilities and issues.

For more information, you can visit the Snyk CLI Documentation.

Conclusion

At this point, you have learned to Install Snyk CLI by using the Scoop package manager on Windows. First, you have installed Scoop with an installer script, then, add the Snyk bucket to Scoop, and easily install your Snyk CLI. Also, you have learned to use Snyk to authenticate your Snyk CLI and start your monitoring and scanning.

Hope you enjoy it. You may also like these articles:

Enable Network Discovery and File Sharing on Windows

Install Chocolatey or Choco on Windows

Alternative Installation Methods for Snyk CLI on Windows

While the above method using Scoop is a streamlined approach, alternative methods exist for installing the Snyk CLI on Windows. These methods might be preferable depending on your existing setup, preferences, or administrative constraints. Here are two such alternative approaches:

1. Using Chocolatey (choco)

Chocolatey is another popular package manager for Windows, similar to Scoop. If you already have Chocolatey installed, using it to install Snyk can be a straightforward option.

Installation Steps:

  1. Ensure Chocolatey is Installed: If you don’t have Chocolatey installed, you’ll need to install it first. You can find instructions on the Chocolatey website. Essentially, you will run a command in an elevated PowerShell prompt similar to what was done with Scoop.

  2. Install Snyk using Chocolatey: Open PowerShell as an administrator and run the following command:

    choco install snyk

    Chocolatey will download and install Snyk and any dependencies. You may be prompted to confirm the installation; answer ‘Y’ or ‘A’ to continue.

  3. Verify Installation: After installation, verify that Snyk is installed correctly by running:

    snyk --version

    This should display the installed Snyk version.

Why Choose Chocolatey?

  • Familiarity: If you’re already using Chocolatey for other package management tasks, using it for Snyk provides consistency.
  • Centralized Management: Chocolatey allows you to manage software installations and updates in a centralized manner.
  • Wider Package Availability: Chocolatey has a vast repository of packages, making it a convenient tool for installing various software on Windows.

Caveats:

  • Requires Chocolatey to be pre-installed.
  • Package availability depends on Chocolatey’s package repository.

2. Manual Installation via npm (Node Package Manager)

If you have Node.js and npm (Node Package Manager) installed on your system, you can install Snyk CLI globally using npm. This method is useful if you are already using Node.js for development purposes.

Installation Steps:

  1. Ensure Node.js and npm are Installed: If you don’t have Node.js and npm installed, download and install them from the official Node.js website. npm is usually included with the Node.js installation.

  2. Install Snyk Globally using npm: Open your command prompt or PowerShell (no administrator privileges needed for global installation with npm, unless configured otherwise) and run the following command:

    npm install -g snyk

    This command downloads and installs Snyk globally on your system, making it accessible from any command prompt or PowerShell window.

  3. Verify Installation: After installation, verify that Snyk is installed correctly by running:

    snyk --version

    This should display the installed Snyk version.

Why Choose npm?

  • Cross-Platform Compatibility: npm is available on various operating systems, providing a consistent installation experience across different platforms.
  • Node.js Ecosystem: If you’re already working within the Node.js ecosystem, using npm to install Snyk is a natural choice.
  • Global Availability: Installing Snyk globally makes it accessible from any directory on your system.

Caveats:

  • Requires Node.js and npm to be pre-installed.
  • Relies on npm’s package repository and network connectivity.

By understanding these alternative installation methods, you can choose the one that best suits your environment and preferences for installing the Snyk CLI on Windows. The ease of use and integration with your existing tools and workflows should be key factors in your decision.

Related posts:

Leave a Reply

Your email address will not be published. Required fields are marked *