v1.1301.1

1.1301.1 (2025-12-08)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• test: Rendering of fix advice for multiple dependency paths when using the reachability flag (eaf50bb)
• monitor: snyk monitor --reachability=true command should now work even if double dashed arguments are provided (e8bdac6)
• test, monitor: Code upload speed will be improved when running snyk test --reachability/snyk monitor --reachability (d0bdba1)
• language-server: Multiple Snyk Language Server related fixes (485ae55)
• dependencies: Upgrade dependencies to address multiple issues. (e185c92)

v1.1301.0

1.1301.0 (2025-11-12)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757)
• container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42)
• container: Added a new parameter, --include-system-jars, to support scanning of usr/lib JARs (57078b6)
• test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e)
• test(maven): A new experimental flag --include-provenance that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a)
• sbom(maven): A new experimental flag --include-provenance that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a)
• language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e)
• language-server: Analytics for configuration and folder trust (2cc554e)
• mcp: Support for writing scan output into a file (2cc554e)
• mcp: Service Account support (2cc554e)

Bug Fixes

• general: Fix incorrect error mapping for varying status codes (5829500)
• general: Some invalid flag combinations are now correctly handled (ca5903b)
• test: The Snyk CLI now correctly handles optional dependencies without separate package entries
  (bfcbda7)
• test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7)
• test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7)
• test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c)
• test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f)
• test(npm): Improve npm alias support (cb37da7)
• test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86)
• test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f)
• test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f)
• test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86)
• test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c)
• test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4)
• container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6)
• container: Fix rare crash when scanning large Docker images (195ed78)
• container: Fix issue where go binaries in Linux images with complex paths were not properly detected as go binaries when scanning on Windows (be8098b)
• code: Add missing explicit error handling (755d01f)
• unmanaged: Ignored vulnerabilities in unmanaged (C/C++) projects are now properly excluded from JSON output when using .snyk policy files. This ensures that snyk-to-html and other tools that consume JSON output will correctly respect vulnerability ignores. (fa808c1)
• dependencies: Fix CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
• dependencies: Upgrade golang to 1.24.10 to fix vulnerabilities (c039f99)
• dependencies: Upgrade to golang 1.24.8 (4dcf97a)
• dependencies: Upgrade xcode to avoid flaky signing (bdcb991)
• dependencies: Fix CVE-2025-47913 (a00b0dc)
• language-server: Various Language Server related fixes (2cc554e)

v1.1300.2

1.1300.2 (2025-10-28)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• security: Upgrades dependencies to address CVE-2025-47913 (d7e87e2)
• general: Improved error messaging (5d16466)

v1.1300.1

1.1300.1 (2025-10-21)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• mcp: Added support for the MCP server to use IDE extension storage when running in VS Code (7f26dc6)
• redteam: Added a new experimental AI Red Teaming feature, read more: https://docs.snyk.io/developer-tools/snyk-cli/commands/ai-red-teaming (fe37e0f)

Bug Fixes

• test: Fix issue where npm aliases only detected the latest version of a dependency (cb37da7)
• security: Upgrades dependencies to address CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
• general: Improved error messaging (5d16466)
• logging: Remove support for legacy DEBUG environment variable. For the supported debugging options, please check https://docs.snyk.io/developer-tools/snyk-cli/debugging-the-snyk-cli (2087f74)

v1.1300.0

1.1300.0 (2025-10-08)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• general: Improve SARIF compatibility by adding runAutomationDetails (3e232e5)
• container: Add support scanning system JARs (54e84d8)
• container: Add TargetOS to output of container scan (aa55cd9)
• test: Add support for godot projects (d9fc200)
• test: Add support for maven metaversions (f321ffa)
• language-server: Add CVSSv4 Links in IDE Issue Details
• mcp: Workflow and performance improvements

Bug Fixes

• container: Fixed crashes when scanning docker images with very large files (72cb040)
• test: Re-enable support for python 2.7 (02c7fe3)
• test: Improved error information when using --all-projects (36d14f9)
• test: Fix a bug due to case-sensitive ignores (b432406)
• test: Resolve project assets file path dynamically (75a152e)
• iac: Upgrade iac components to address a vulnerability [IAC-3439] (eaaaf84)
• logging: Fix broken debug logs due to secret redaction by redacting all user input (0cf19a7)
• language-server: Multiple bugfixes

v1.1299.1

1.1299.1 (2025-09-24)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• language-server: Fix titles of Snyk Open Source code actions in IDEs (0add44d)
• code: Include missing uploadResults property in Sarif output (693e548)
• logging: Fix broken debug logs due to incorrect redaction (0cf19a7)

v1.1299.0

1.1299.0 (2025-08-28)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation.

Features

• auth: Support for PAT auto region configuration. (ad8e4a7)

Bug Fixes

• code: Fixes code test --report when a project_id environment variable exists. (6168b1d)
• code: Fixes an issue with snyk code test where an empty input parameter would cause inconsistent behavior. (a661235)
• container: Stops spawning commands using a shell. (7ee9e15)
• dependency: Fixes CVE-2025-8959. (5a548fb)
• general: Fixes a bug where formatting of log timestamps could cause a crash in some cases. (92fa8be)
• iac: Fixes wrong status code checks. (77152e5)
• language-server: Fixes a bug related to the analytics environment variables. (6916af8)
• language-server: Correctly populates the environment for Open Source scans when called from the IDE. (945b029)
• language-server: Ensures changed API URLs are respected during authentication. (24ed981)
• language-server: MCP tool updates to support feedback and better tool descriptions. (8f2a8d1)
• test: Fixes a bug where project.assets.json files would not be detected in cases where it's destination path was altered with .NET properties. (75a152e)
• test: Improves error messages when using --all-projects. (960fa8e)

v1.1298.3

1.1298.3 (2025-08-14)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

News

• aibom: This command is now publicly available. Note that the feature is still experimental and subject to breaking changes without notice.

• Effective with release (Snyk CLI 1.1298.0), the minimum required GNU C Library (glibc) versions on Linux will be updated as follows:

  • For Linux x64 environments: glibc version 2.28 or higher
  • For Linux arm64 environments: glibc version 2.31 or higher

• If this affects you, please follow the advice here. Possible issues are errors mentioning GLIBC_2.27 or GLIBC_2.31 not found.

Bug Fixes

• test: Added support for Gradle 9.

v1.1298.2

1.1298.2 (2025-07-30)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

News

• Effective with release (Snyk CLI 1.1298.0), the minimum required GNU C Library (glibc) versions on Linux will be updated as follows:
  • For Linux x64 environments: glibc version 2.28 or higher
  • For Linux arm64 environments: glibc version 2.31 or higher
• If this affects you, please follow the advice here. Possible issues are errors mentioning GLIBC_2.27 or GLIBC_2.31 not found.

Bug Fixes

• code: Fix code test --report when a project_id environment variable exists (8be17d6)
• mcp: Skip trust browser popup if folder is already trusted
• mcp: Improve container scan security
• language-server: Fixed missing AI Fix entitlements for cases where the default org didn’t have AI Fix enabled

v1.1298.1

1.1298.1 (2025-07-22)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

News

• Effective with release (Snyk CLI 1.1298.0), the minimum required GNU C Library (glibc) versions on Linux will be updated as follows:
  • For Linux x64 environments: glibc version 2.28 or higher
  • For Linux arm64 environments: glibc version 2.31 or higher
• If this affects you, please follow the advice here. Possible issues are errors mentioning GLIBC_2.27 or GLIBC_2.31 not found.

Bug Fixes

• container: Fix failing scan of local container images (6095a60)
• mcp: Fix incomplete mcp instrumentation (9108dc0)