HawkScan 6.0.0 — Standalone Binary, No Java Required
HawkScan 6.0.0 ships as a true self-contained binary. Java is now bundled in — you no longer need to install or manage a JDK or JRE on your machine or in your CI environment to run HawkScan.
On first run, hawk extracts a trimmed Java runtime and its supporting libraries into ~/.hawk/bin/ and launches normally. Subsequent runs skip straight to scanning — extraction only happens when you upgrade to a new version. The bundled runtime is entirely self-contained and won’t interfere with any JDK you already have installed.
What This Means for You
No Java prerequisite. Drop hawk into any machine or pipeline and run it. No JAVA_HOME setup, no version mismatch surprises, no java -version check before you get to work.
Simpler CI/CD. Remove any Java installation steps from your GitHub Actions, GitLab CI, or other pipeline configs. The hawk binary is the only thing you need.
Same install paths, same commands. Homebrew (brew install stackhawk/cli/hawk), the macOS PKG, the Windows MSI, and direct binary downloads all deliver the same self-contained executable. Nothing about how you invoke hawk changes.
Docker works the same way. The Docker container (stackhawk/hawkscan) continues to work as before. Internally it now uses the same binary approach — the Java runtime is pre-installed into ~/.hawk/bin/ at image build time rather than relying on a system JDK, keeping the container behavior consistent with local installs.
hawk op is now built in. Previously, StackHawk platform operations required a separately installed hawkop binary. Starting with 6.0.0, hawk op is fully integrated into hawk — no separate install, no separate binary to keep in sync. Because hawk op runs entirely in the Rust layer, it also launches instantly without waiting for the Java runtime to start.
ZIP Distribution Deprecated
The hawk-{version}.zip download is no longer available as a distribution format. If you have pipelines or scripts that download the ZIP directly, migrate to the OS- and architecture-specific binary instead:
| Platform | Architecture | Binary |
|---|---|---|
| macOS | Apple Silicon (arm64) | darwin-arm64/hawk |
| macOS | Intel (x64) | darwin-x64/hawk |
| Linux | x86_64 | linux-x64/hawk |
| Linux | arm64 | linux-aarch64/hawk |
| Windows | x64 | windows-x64/hawk.exe |
| Windows | arm64 | windows-arm64/hawk.exe |
Binaries are available at https://download.stackhawk.com/hawk/{VERSION}/{PLATFORM}/hawk.
CI/CD users: The hawkscan-action v3 and the updated Azure DevOps extension handle the binary download automatically — no manual curl commands needed. Full updated installation docs ship with the 6.0.0 release.