Project owner metadata

We now give you the ability to add a project owner inside each individual project page in the UI, or using the API. You can add anyone as a project owner who has access to the org that the project is in.

To try this out, go to any project page and in the metadata header, you now have the option to assign a project owner from a list of everyone who has access to the project.

project-owner.png

At the moment, this data is only for reference, but we have plans to use it in other areas of Snyk in the future.

More improved APIs served up just for you!

The API list all dependencies endpoint now includes issuesHigh, issuesMedium and issuesLow fields for each license, displaying the number of issues in the dependency per severity level.

  • You can now filter for only dependencies that contain at least one issue of each severity. Use the severity filter to do this. See our docs for more information.
  • Manage your teams' vulnerabilities easier than ever with enriched filters and printable reports!

    We're happy to report that we've improved our Reports area! You can now better search and filter your vulnerabilities by expanded parameters from the Issues tab and then export your results to CSV or print them in PDF.

    Check out our docs for more information.!

    Automated dependency upgrades for Bitbucket Cloud

    Automated dependency upgrades are now available through your Bitbucket cloud integration, or for specific Bitbucket Cloud projects.

    Read more in our docs, give it a try and let us know what you think!

    image (24).png

    New legal license instructions added!

    We've released the Legal Instructions field where you can now customize advice for your teams when license issues are identified. You'll onboard developers faster than ever with relevant calls to action. Read all about it in our docs.

    More improvements in our API!

    You asked, we supplied! For Yarn and npm projects you can now also add your package-lock.json and yarn.lock files to get more accurate Snyk test results. See our docs for more info.

    Get a single user by user ID

    Organization and group administrators can now retrieve user details for a single user with our new API command. Check out our docs for more help.

    Scan your Bitbucket Cloud and GitHub Enterprise Dockerfiles as part of your container security

    As part of our continued efforts to further enrich container scanning, we’re super pleased to announce that you can now enrich your container scan results by adding your Dockerfile from Bitbucket Cloud or GitHub Enterprise (in addition to the support we already provided through GitHub and GitLab of course!). To get started, import your container from any of the registries we support. Need help with containers? Check out our docs!Dockerfile_CTA.png

    Access Integration settings naturally from the Integrations area

    Check out the new cogs cog.png that appear on all of the integrations you’ve already set up. With a quick glance alone, you can identify the integrations you’ve already configured and then directly access their settings. See our docs for more help with your integrations.

    Dockerfile parsing improved

    We know you might have experienced some issues with your Dockerfile in Snyk lately when using multiple build stages or Dockerfile variables, so we just wanted to let you know we’ve ironed things out.

    We now correctly:

    • resolve base image names when using the Dockerfile multi-stage build functionality
    • identify installed packages when you use variables in your Dockerfile>

      Need some help with your Dockerfile and image remediation? Check out our docs for more info.