Product Updates

We are pleased to announce the latest stable Snyk CLI release, v1.1301.0.

We are introducing the following key improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the full release notes.

This update includes the following:

• Snyk Container: Container scanning now supports both Ubuntu Chisel images and zstd-compressed layers, as well as usr/lib JAR files via the `--include-system-jars` parameter.

• Snyk Open Source: Initial support for Maven 4 is available for Open Source's test, monitor and SBOM commands.

• Snyk Open Source: Reachability for Snyk CLI and CI/CD integrations is now available in Early Access for all Snyk Open Source customers.

• Snyk SBOM: A new experimental flag, `--include-provenance`, for Maven projects that includes verification checksums in SBOMs.

• Snyk Studio: Snyk Studio now supports writing scan output into a file, and Service Account support.

• Stability, security, and performance: This release also includes numerous bug fixes and enhancements to improve the overall stability, security, and performance of the CLI.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to take advantage of these new features and improvements.

We've just released an enhancement for the Snyk Container Registry Agent to improve compatibility with a wider range of container registries. You can now disable the repository listing feature to prevent integration errors and reduce API calls.

This is especially useful if you are using a registry that does not support the GET /v2/_catalog endpoint, or if your organization's security policies restrict access to it.

Key Benefits

• Expanded Registry Support: Ensures smooth integration with registries like GitHub Container Registry and GitLab Container Registry.

• Work Around Permission Issues: Allows the agent to function correctly even when it doesn't have permissions to list all repositories.

• Reduce API Calls: Optimizes performance by preventing unnecessary calls to your registry's catalog endpoint.

How to Enable

You can enable this feature by setting the SNYK_DISABLE_LIST_REPOS environment variable to true in your deployment. When enabled, the agent immediately returns an empty list instead of trying to query the registry, resolving potential errors.

For full setup instructions for Docker, Helm, and Kubernetes, please see the updated Snyk Container Registry Agent documentation.

We are pleased to announce the latest stable Snyk CLI release v1.1297.0.

We are introducing the following new features and improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the release notes.

Container Enhancements

We've made scanning container image archives more straightforward. You can now directly scan image archives (e.g., image.tar) using snyk container test image.tar or snyk container monitor image.tar without needing to specify the image type as a prefix. This simplifies the command structure and streamlines your container security workflows.

Open Source Enhancements

This release brings significant improvements to Gradle module resolutions. The Snyk CLI's Gradle dependency resolution will now default to finding all artifacts against resolved dependencies. You can read more about this here.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to benefit from these new features and improvements!

We are excited to announce improvements to the Snyk Container base image recommendation algorithm.

Previously we would sometime recommend upgrades to alpha and beta images, this particularly affected Python base images.

This has now been fixed and we no longer recommend updating to these types of image.