Releases: snyk/cli
Releases · snyk/cli
v1.1296.1
1.1296.1 (2025-03-27)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
News
- test: Add poetry v2 support (49c6652)
- code: Fix backward compatibility issue in sarif driver name (5ef6442)
- iac: Fix iac test network issues (815ed82)
- language-server: Increase authentication resilience (07fc381)
- language-server: Avoid that the trust dialog blocks the application. (07fc381)
- language-server: Fix duplicate Open Source Issues appearing only in a single IDE tree node, despite occurring in multiple files. (07fc381)
- dependency: Upgrade golang.org/x/net to address CVE-2025-22870 (7edd450)
v1.1296.0
1.1296.0 (2025-03-13)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
News
- general: Improved error logging and handling
Features
- container: add support for --exclude-node-modules option (4756f27)
- container: adds kaniko support (bfb69c8)
- general: display a unique interactionID alongside each error (960a71c)
- test: python support for local wheel files specifiers (42675eb)
- test: dep-graph json file output (90f24ec)
- test: print legacy tree with json file output (b256937)
- test: display all applicable maven unmanaged identities (ebf6ba1)
- code: enable v1 fingerprints in code sarif output (00644af)
- test: Add 'pkgIdProvenance' labels to dependency graph nodes when the package identity has been changed from what has been discovered in the manifest files (4d529b3)
- test: added Python support for sys_platform (1aa1565)
- language-server AI fix explain (26d118f)
- language-server enable calling mcp commands via ls commands (6f80a03)
- language-server add scan source to metrics (6f80a03)
- language-server add mcp server, refactoring (6f80a03)
- language-server added a new code action and code lens for showDocument (8e7ab06)
- language-server add Option for Pre-Scan command, fix auth race (64920ac)
- language-server add ideStyle variable to static html (0a05e66)
- language-server intiial commit of shared html for scan summary panel (0a05e66)
- language-server send scan summary and scan base & working directory concurrently (1908a08)
- language-server store folder config outside of git repo, add reference folder (50d0770)
- language-server send initial summary panel notification (50d0770)
- language-server add a new $/snyk.scanSummary notificiation (fc80c9c)
- language-server support maven pom hierarchies for highlighting & fixes (e5924fc)
- language-server Sending a user event when fixing inside the editor (e5924fc)
- language-server Sending IDE+extension versions to autofix (a18975a)
Bug Fixes
- container: add container test doc info for --exclude-node-modules (2faf2d1)
- test: fix dotnet UTF-16LE support for target framework (e90075a)
- test: reduce false positives when scanning improved dotnet projects (c21625a)
- test: use --strict-out-of-sync when set to false with pnpm for top level dependencies (8d5b71a)
- test: fix OutOfSync errors in pnpm for download urls (b6e4ea0)
- test: fix OutOfSync errors in pnpm git protocol dependencies (5c8dc34)
- code: Don't write sarif files when no results are found (5a15113)
- code: Support single file test for golang native implementation (d7881f1)
- sbom: mavenAggregateProject with Dverbose or sbom (e88cf71)
- iac: Updates the user messages for snyk iac test --report for IaC V2 (1c9b3b3)
- language-server check folder trust before opening/changing/saving file (26d118f)
- language-server new issue summary totals (6f80a03)
- language-server add correct lesson url for license issues (6f80a03)
- language-server issues with non-UTF-8 encoded files in Snyk Code (8e7ab06)
- language-server ignore first dataflow element for oss fingerprint (64920ac)
- language-server use workdir folderConfig for ref Scan (64920ac)
- language-server test bundle add size property (0a05e66)
- language-server normalize path for file filter and reduce memory footprint (0a05e66)
- language-server add ideScript to Summary html (0a05e66)
- language-server add css variables and headers (0a05e66)
- language-server panic in range_finder (50d0770)
- language-server fix issue metadata used for hashing (fc80c9c)
- language-server use diff without enricher for delta (b213b58)
- language-server move issue view option filtering to the LS to not display ignored diagnostics in editor (b213b58)
- language-server add api version query to explain API URL (b213b58)
v1.1295.4
1.1295.4 (2025-02-25)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- security: Upgrades dependencies to address CVE-2023-37788
v1.1295.3
1.1295.3 (2025-02-11)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- security: Upgrades dependencies to address CVE-2025-21614
- language-server: Improved memory usage when executing code scans on large projects
- language-server: Fix incorrect filtering of files when executing code scans which could fail the analysis
- language-server: Fix random unexpected logouts when using OAuth2 authentication
v1.1295.2
1.1295.2 (2025-01-24)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- general: revert dependencies upgrade which introduced a regression on a number of Linux installations
v1.1295.1
1.1295.1 (2025-01-23)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- security: Upgrades goproxy to 1.5 to address a high severity vulnerability
- security: Upgrades dependencies in IaC plugin to address CVE-2025-21614
v1.1295.0
1.1295.0 (2025-01-08)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
- iac: include evidence field in json output [IAC-3161] (9487a08)
- auth: auto detect API Url during OAuth authentication (6884511)
Bug Fixes
- test: support verbose gradle graphs for sbom generation (600ef50)
- general: prevent snyk-policy lib from interrupting stdout to ensure valid --json --sarif output (469edf5)
- general: improved error messages around network requests (f6fc5f7)
- general: only read SNYK_ prefixed env vars (5bfcbe8)
- instrumentation: add default oss product for monitor as well (83cabc3)
- container: optional dependencies are properly connected in the dep-graph (3205e66)
- container: package-lock v3 missing sub-dependencies 94c9b7f)
- container: support --exclude-app-vulns with oauth (73a75fa)
- monitor: use error catalog messages for monitor commands (4e58601)
- iac: extra error handling and debugging [IAC-3138] (7fbae0f)
- iac: snyk-iac-test security update [IAC-3171] (fac22bb)
- iac: update snyk-iac-parsers version [IAC-3138] (5326d9d)
- iac: use proxy aware snyk-iac-test [INC-1647] (d5d1e2e)
- test: do not treat warnings as errors on restore (d0113eb)
- test:fix mismatch/off-by-one on unmanagedDependencyCount in the analytics logs UNIFY-340 (75d8e6d)
- test: update snyk-nodejs-plugin to fix micromatch vuln (766bd1d)
- test: upgrade mvn-plugin to handle jar scanning sha-not-found error (060380a)
- test: fix runtime versions overwriting nuget versions (5e715cf)
- instrumentation: stop sending CLI args in analytics (6d183fb)
- policy update policy library to fix valid json output (0bc0aed)
v1.1294.3
1.1294.3 (2024-12-12)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- security: update golang.org/x/crypto/ssh to fix a critical vulnerability
v1.1294.2
1.1294.2 (2024-11-26)
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
- container: ignore npm/yarn default cache directories
- container: fix: avoid possible unhandled promise rejections
v1.1294.1
1.1294.1 (2024-11-20)
Bug Fixes
- container: unable to process RedHat images when the “content_sets” attribute was missing in the redhat-content-manifests file. (snyk/snyk-docker-plugin#615)
- container: skip optional dependencies when testing Python projects to prevent "too many vulnerable paths for conversion to legacy test output" error (snyk/snyk-docker-plugin#614)
- container, test, monitor prevents "Invalid JSON" being produced when debugging is enabled and policies are being applied. (#5583)