chore(deps): update dependency snyk to v1.1305.0#592
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
commit: |
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
September 6, 2025 15:49
eaf77fc to
a647152
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
September 24, 2025 17:01
a647152 to
1e7e13b
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
September 25, 2025 18:58
1e7e13b to
f7698ad
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
October 8, 2025 15:06
f7698ad to
0dcbd27
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
October 21, 2025 18:06
0dcbd27 to
05242ac
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
October 28, 2025 12:13
05242ac to
8255722
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
November 18, 2025 12:32
8255722 to
d165a72
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
November 19, 2025 12:46
d165a72 to
5fbf974
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
December 8, 2025 14:03
5fbf974 to
e45f3dc
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
December 16, 2025 12:59
e45f3dc to
730eddb
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
January 14, 2026 15:12
730eddb to
72734f7
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
January 22, 2026 16:58
72734f7 to
a435dbf
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
February 26, 2026 14:05
a435dbf to
250fdc4
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
March 4, 2026 14:56
250fdc4 to
4fb2e81
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
March 23, 2026 12:40
4fb2e81 to
8f684e1
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
April 9, 2026 12:32
8f684e1 to
36d3dd6
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
2 times, most recently
from
April 27, 2026 16:01
a2f3a90 to
219e43c
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
May 6, 2026 14:09
219e43c to
0c4a673
Compare
|
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
May 13, 2026 12:36
0c4a673 to
a3ae7c0
Compare
renovate
Bot
force-pushed
the
renovate/snyk-1.x
branch
from
May 20, 2026 13:43
a3ae7c0 to
e667330
Compare
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



This PR contains the following updates:
1.1298.2→1.1305.0Release Notes
snyk/snyk (snyk)
v1.1305.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
--allow-incomplete-sbomflag forsnyk sbom, allowing the SBOM to be generated even when individual projects fail to resolve. Failed projects are surfaced as per-project errors alongside the successful results. (29ba128)snyk container monitorby sending dependency requests in parallel, configurable via theSNYK_REQUEST_CONCURRENCYenvironment variable. (186c5fb, 6764f65)Bug Fixes
.whlfiles when scanning projects with--all-projects. (12ac0db)v1.1304.3Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
Known Issues
snyk/snykcontainer images via the transitivegithub.com/gomarkdown/markdowndependency (SNYK-GOLANG-GITHUBCOMGOMARKDOWNMARKDOWNHTML-16066911, SNYK-GOLANG-GITHUBCOMGOMARKDOWNMARKDOWNPARSER-8220052). We have assessed these vulnerabilities and confirmed they do not impact CLI users. A fix is scheduled for the stable release on2026-05-20.v1.1304.2Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1304.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1304.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
snyk aibom testcommand. (2978044)--maven-skip-wrapperflag to force the use of a globally installedmvncommand. (0ee90ca, ff31066)max-attempts. (1fbdf38)-shaded-jars-depthand non-numeric values for--nested-jars-depth. (321b6f5)--jsonflag support for list commands,exhaustiveandeagermodes. (e962c4d)Bug Fixes
--json-file-outputis specified. (32f65f0)--skip-unresolved. (71ca761)replacedirectives. (7c7a366, ee7d72b)package.json. (0dd6581).characters in their name were incorrectly parsed to include-characters. (9a2a36e)v1.1303.2Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
Bug Fixes
replacedirective pointing at a relative path) would fail due to badly formatted PackageURLs.(4c6b663)v1.1303.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1303.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
--excludeparameter (3acbc6b)--jsonoutput ofsnyk testandsnyk sbom testshould now contain fields which were previously missing (isDisputed,proprietary,severityBasedOn,alternativeIds,mavenModuleName) (9996b27)show-maven-build-scope/show-npm-scopefeature flag enabled (89d26f0)--uploadand--repoflag to the experimental aibom command to persist their AI BOM into their Snyk organisation (e1fdae7)snyk redteam --experimental get --id=<scan-id>. The scan command also now shows progress during execution. (fba40cc)--htmlor--html-file-outputflags (aa76c04)snyk_package_healthto validate package health (2b0edd2)--profile=<lite|full|experimental>) or environment variable (SNYK_MCP_PROFILE). (2b0edd2)snyk container sbomusers can now use--usernameand--passwordto generate SBOMs for images in private registries (a7015a7)snyk container sbomusers can now use--exclude-node-modulesto exclude node_modules directories from the SBOM (a7015a7)snyk container sbomusers can now use--nested-jars-depthto control the depth of nested JAR unpacking (a7015a7)snyk container sbomusers can now passdocker-archive:,oci-archive:,kaniko-archive:prefixed paths or bare.tarfile paths as the image argument (a7015a7)Bug Fixes
runAutomationDetailsfield in sarif output is not unique (07dd36f)automationDetailsfield is now rendered correctly when using the--sarifflag (3191e4d)--all-projects(6e3b5d5)snyk ignorecommand are now correctly applied if an expiry is set or if using an absolute filepath (a61589c)--target-referenceoption is now correctly applied to application scan results in container tests, not just the OS scan results (70db44f)SNYK-CLI-0000errors are now correctly categorised and displayed (3d02788)v1.1302.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1302.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
Bug Fixes
v1.1301.2Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1301.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
reachabilityflag (eaf50bb)snyk monitor --reachability=truecommand should now work even if double dashed arguments are provided (e8bdac6)snyk test --reachability/snyk monitor --reachability(d0bdba1)v1.1301.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
--include-system-jars, to support scanning of usr/lib JARs (57078b6)--include-provenancethat will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a)--include-provenancethat will produce an SBOM with checksum qualifiers in each purl (5b8fe0a)Bug Fixes
(bfcbda7)
v1.1300.2Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1300.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
Bug Fixes
v1.1300.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Features
Bug Fixes
v1.1299.1Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
Bug Fixes
v1.1299.0Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation.
Features
Bug Fixes
code test --reportwhen aproject_idenvironment variable exists. (6168b1d)snyk code testwhere an empty input parameter would cause inconsistent behavior. (a661235)CVE-2025-8959. (5a548fb)project.assets.jsonfiles would not be detected in cases where it's destination path was altered with .NET properties. (75a152e)--all-projects. (960fa8e)v1.1298.3Compare Source
The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation
News
aibom: This command is now publicly available. Note that the feature is still experimental and subject to breaking changes without notice.
Effective with release (Snyk CLI 1.1298.0), the minimum required GNU C Library (glibc) versions on Linux will be updated as follows:
If this affects you, please follow the advice here. Possible issues are errors mentioning
GLIBC_2.27orGLIBC_2.31not found.Bug Fixes
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.