snyk.io updates
snyk.io updates
app.snyk.io/projects

New Learning Guides for your tech stack

 

Improved

  

Following on from our earlier post, I'm happy to say we've introduced additional new tech-stack specific Learning Guides:

These guides help you implement Snyk on your specific technology stack, providing step-by-step advice and good practices on these areas.

We will continue to publish additional Learning Guides as a resource to help you smoothly implement your Snyk solution, combined with Snyk Docs, Snyk Training and Snyk Learn.

Project Collections open beta

 

New

    

Open beta

  

We are excited to announce the Snyk Preview of Project Collections open beta.

Project collections help you collect and organize your Projects so you can easily view and perform actions on. A Project collection can consist of multiple project types from different targets.

You can opt your organization in to the new experience via Settings > Snyk Preview > Project Collections > ✅ Enabled > Save.

For more information about Project Collections, check out the docs

New import logs UI

 

Improved

  

We are pleased to announce the redesigned import logs UI is now available for all users.

This redesign introduces a page loading state, and makes it easier to navigate log messages via groupings and nested pagination controls.

You also have the flexibility to opt out and continue using the old UI experience via the banner shown on the import page.

Read more about importing Projects to Snyk in our docs.

New permission for Project History

 

New

  

The ability to view project history was incorporated within the ability to view a Project. However, to improve an organization’s security and access to the issue and dependency information, we are making View Project permission more granular by adding a new permission, View Project History. This will allow you to have more granular control of access to Project history.

We will be rolling out the change from March 16th, and all standard and existing custom roles will automatically have this new permission incorporated. There will be no disruption to the user experience. You will be greeted with a message to inform you that they have insufficient permissions if you attempt to view any snapshot data without your role having the permission.

If you have a custom role and you do unexpectedly encounter this issue, the solution is to apply the new permission, View Project History to the role if deemed required.

For more information, please read the member roles documentation

Snyk Preview: New import logs UI

 

Open beta

    

Improved

  

We are pleased to announce a Snyk Preview of our redesigned import logs UI.

This redesign introduces a page loading state, and makes it easier to navigate log messages via groupings and nested pagination controls.

You can opt your organization in to the new experience via Settings > Snyk Preview > New import log UI > ✅ Enabled > Save.

Read more about importing Projects to Snyk in our docs.

Rocky Linux support

 

New

  

We are pleased to announce that Rocky Linux versions 8 and 9 are now fully supported in Snyk Container 🎉

Rocky Linux is an open-source enterprise operating system designed to be compatible with Red Hat Enterprise Linux®.

With this update you can run tests, monitor your Rocky Linux images, and get base image recommendations on the most secure versions.

For a full list of supported operating systems, see the Snyk Container documentation.

API authentication vulnerability found in Snyk Kubernetes integration

 

Fix

  

If you are a Snyk Container user on the Snyk Enterprise plan that currently uses our Kubernetes Integration we want to inform you about a Medium severity vulnerability (CVE-2023-1065).

To mitigate this vulnerability please perform an upgrade to the following version v2.0.0. To learn more on how to do this, please refer to our documentation.

Further information about the vulnerability can be found in this blog post.

New Guides

 

New

  

I’m happy to announce that we now have published our first set of learning-oriented Guides.

These guides aim to help initiators get started with the Snyk product and successfully adopt Snyk, providing readers with step-by-step advice and good practices on a range of key user journey areas.

The new Guides are:

We’ll publish additional Guides over the next few weeks, with topics including migrations and further detailed tech stack implementation guidance.

Users can now set Project Test Frequency via API

 

New

  

Every day, Snyk tests users’ projects for new vulnerabilities or for keeping up to date with changes. Each project has its set Test Frequency - the cadence in which that project is to be tested for vulnerabilities.

Setting to test frequency is easily done via the Project page in the Snyk UI today. Now a new REST/v3 endpoint under the Projects API allows users to update Test Frequency to a project using a simple string parameter - test_frequency.

To review the API Docs, please visit v3 API Docs: Project update

Deprecation of Serverless and Platform as a Service integrations

 

Deprecated

  

Snyk integrates with many popular developer tools, languages, clouds, and other services, providing developer-first security workflows and fixes across the entire SDLC.

Today we are announcing the end-of-life of a handful of these integrations, specifically:

  • AWS Lambda
  • Azure Functions
  • Cloud Foundry
  • Heroku
  • Pivotal

We are taking these necessary steps in order to focus our efforts on our customers’ greatest needs, and will continue to provide integrations via popular Git (SCM) repositories, IDEs, CI/CD services, registries, third-party clouds, and more. Additionally, Snyk is committed to being API-first by default, in order to facilitate a growing number of third-party integrations.

These integrations have been frozen starting March 20th, 2023, and is no longer be possible to configure new instances of these integrations.

Previously configured instances will continue to operate until August 20th, 2023. After this date projects imported via these integrations will no longer be available, and the configurations will be removed.

To avoid disruption, we encourage all our customers and users who rely on these integrations to integrate the source code for their deployments via an SCM integration.

Reach out to support with any questions.