Product Updates

Announcing Snyk CLI v1.1297.2

New

We’ve released a CLI hotfix (v1.1297.2) to enhance security and resolve the following issues:

  • Improved Debug Logging Security for Scans: Improves the sanitization of credentials in local debug logs.

  • IDE Connectivity for Proxy Users: Fixes an issue where IDE plugins could fail to connect when operating behind an NTLM proxy.

  • Snyk Code Local Engine Fix: Addresses a regression that prevented the Snyk Code Local Engine (SCLE) from functioning correctly within the IDEs.

As this release is focused on security and stability, no change in behavior or new features are expected.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team. We encourage everyone to upgrade to the latest version to benefit from these important security and reliability fixes!

Costin Busioc | Senior Product Manager

Upcoming Changes to Snyk CLI glibc Requirements for Linux Environments

New

We're providing an important update regarding an upcoming enhancement to the Snyk CLI that will impact Linux environments. To ensure the Snyk CLI operates as smoothly and securely as possible, providing the strongest security and stability for your development environments, we are updating an internal component.

What's Changing for Linux Users?

Effective with the Snyk CLI release 1.1298.0 targeted for July 16, 2025, the minimum required GNU C Library (glibc) versions on Linux will be updated as follows:

  • For Linux x64 environments: glibc version 2.28 or higher

  • For Linux arm64 environments: glibc version 2.31 or higher

This change only affects Linux environments. Users on macOS and Windows are not impacted by this specific glibc update.

Why Are We Making This Change?

This update is driven by our commitment to ensure all components within the Snyk CLI are current and supported, preventing the use of components that may no longer receive critical security patches or bug fixes. This transition is crucial for:

  • Enhanced Security & Stability: Via this upgrade, we ensure our CLI remains protected against emerging vulnerabilities and benefits from ongoing improvements, addressing potential risks.

  • Modern Dependency Compatibility: The broader software ecosystem continually evolves. This upgrade allows us to integrate essential library updates, bug fixes, and new features more effectively and reliably.

Meeting these glibc requirements also means your Linux environments will likely be running on operating system versions that are fully supported and not past their own end-of-support dates, further enhancing your overall security posture.

Timeline and Your Environment Readiness:

We are introducing these new requirements in the Snyk CLI 1.1298.0 release scheduled for July 16, 2025. This provides a window for you to assess and, if necessary, update your Linux environments.

What if You Need More Time?

We understand that updating your environments might require planning and coordination. If you anticipate needing more time to meet these new glibc requirements beyond the July 16, 2025 release, we recommend the following temporary solutions to continue using the Snyk CLI without interruption:

  • Pin your Snyk CLI version: You can temporarily pin your Snyk CLI to version 1.1297.1 (the last version before these new requirements take effect) to allow more time for your glibc upgrade.

  • Utilize Snyk CLI Docker Images: Our official Snyk CLI Docker images come with compatible glibc versions and can be a good alternative.

  • Test with the CLI preview version: Starting June 4th, the preview version was updated to contain the new glibc requirements, so you can test the coming changes ahead of time.
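
A readiness check for the glibc minimums stated above, as an added example that is not Snyk's own code. The function names and the mapping of `uname -m` values to x64 and arm64 are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not Snyk code): does this Linux host meet the glibc minimum
# announced for CLI 1.1298.0? Minimums from the page: x64 2.28, arm64 2.31.

# min_glibc_for_arch ARCH: print the required glibc for a `uname -m` value.
min_glibc_for_arch() {
  case "$1" in
    x86_64|amd64)  echo "2.28" ;;
    aarch64|arm64) echo "2.31" ;;
    *) return 1 ;;   # architecture not covered by the announcement
  esac
}

# version_ge A B: succeed if A >= B, comparing major and minor as numbers
# (a string compare would wrongly rank 2.3 above 2.28).
version_ge() {
  a_major=${1%%.*}; a_rest=${1#*.}; a_minor=${a_rest%%.*}
  b_major=${2%%.*}; b_rest=${2#*.}; b_minor=${b_rest%%.*}
  [ "$a_major" -gt "$b_major" ] && return 0
  [ "$a_major" -eq "$b_major" ] && [ "$a_minor" -ge "$b_minor" ]
}

# detect_glibc: print the running glibc version; fails on non-glibc systems (e.g. musl).
detect_glibc() {
  v=$(getconf GNU_LIBC_VERSION 2>/dev/null) || return 1
  echo "${v#glibc }"
}

# snyk_glibc_verdict ARCH GLIBC: print "ok", "pin" or "unknown".
snyk_glibc_verdict() {
  need=$(min_glibc_for_arch "$1") || { echo "unknown"; return 0; }
  [ -n "$2" ] || { echo "unknown"; return 0; }
  if version_ge "$2" "$need"; then echo "ok"; else echo "pin"; fi
}

# report_host: evaluate the machine this script runs on.
report_host() {
  arch=$(uname -m)
  glibc=$(detect_glibc) || glibc=""
  case "$(snyk_glibc_verdict "$arch" "$glibc")" in
    ok)  echo "glibc $glibc on $arch meets the 1.1298.0 minimum" ;;
    pin) echo "glibc $glibc on $arch is too old: pin the CLI to 1.1297.1 or use the Docker image" ;;
    *)   echo "no glibc detected or architecture not listed ($arch): check manually" ;;
  esac
}
report_host
```

Running it on each build agent or base image before the 1.1298.0 release shows which ones need the pin or the Docker image fallback.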

Our primary goal is to provide you with the most secure and reliable tools, and this update is a key step in that direction. Thank you for your understanding and partnership in maintaining a secure development lifecycle!

Costin Busioc | Senior Product Manager

Announcing Snyk CLI v1.1297.1

New

We’ve released CLI hotfix v1.1297.1.

This version rolls back specific changes related to Gradle dependency resolution that were introduced in v1.1297.0.

We are taking this step to ensure stability for all users while we continue to refine this functionality. We plan to reintroduce these improvements for Gradle resolution in a future stable version once further enhancements are complete.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

Costin Busioc | Senior Product Manager

Announcing Snyk CLI v1.1297.0

New

We are pleased to announce the latest stable Snyk CLI release v1.1297.0.

We are introducing the following new features and improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the release notes.

Container Enhancements

We've made scanning container image archives more straightforward. You can now directly scan image archives (e.g., image.tar) using snyk container test image.tar or snyk container monitor image.tar without needing to specify the image type as a prefix. This simplifies the command structure and streamlines your container security workflows.

Open Source Enhancements

This release brings significant improvements to Gradle module resolutions. The Snyk CLI's Gradle dependency resolution will now default to finding all artifacts against resolved dependencies. You can read more about this here.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to benefit from these new features and improvements!

Costin Busioc | Senior Product Manager

Snyk Open Source - Snyk CLI PHP bug fix

Fix

We are pleased to announce a bug fix for Snyk Open Source PHP support in the Snyk CLI.

With this update, CLI support for PHP will be improved as follows:

  • Today, Snyk CLI test and monitor commands may fail for users who only have composer.phar locally, and no global composer. With this bug fix, these scans will now succeed.

How will my scan results change?

  • CI/CD pipelines that were failing due to this error may now succeed after upgrading to the new CLI version

  • New issues may be found when the projects are scanned successfully

What are the next steps?

The changes are available now in the preview channel of the CLI, and will be included in the stable channel on 14 May 2025.

Snyk Open Source - Snyk CLI Gradle support bug fixes

Fix

We are pleased to announce two Snyk Open Source bug fixes for Gradle support in the CLI.

With this update, CLI support for Gradle will be improved as follows:

  • Multiple packages with the same artifactId will be included in the dependency graph correctly.

  • platform dependencies will no longer be included in the dependency graph. Platform dependencies are not regular dependencies of the project, and do not result in an artifact. Rather they control the versions of other dependencies, in a similar way to dependency management BOMs in Maven.

How will my scan results change?

Overall, this release should not lead to an increase in vulnerabilities or issues.

  • artifactId change - we might find more paths in the dependency graph, but the packages and issues should remain the same.

  • platform change - potentially fewer issues.

What are the next steps?

The changes are available now in the preview channel of the CLI, and will be included in the stable channel on 14 May 2025.

Announcing Snyk CLI v1.1296.2

New

We’ve released a CLI hotfix (v1.1296.2) to enhance the following use cases and introduce new capabilities:

  • Experimental Model Context Protocol (MCP) Integration: Enables integrating Snyk scans (Open Source & Code) into MCP-compatible tools using the new snyk mcp --experimental command. This allows the CLI to act as an MCP server for these integrations. Note: This feature is experimental and may evolve. You can read more about Snyk MCP here.

  • Routine enhancements: Incorporates routine enhancements for security and reliability.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

Costin Busioc | Senior Product Manager

Announcing Snyk CLI v1.1296.1

New

We’ve released a CLI hotfix (v1.1296.1) to enhance the following use cases:

  • Poetry 2 Open Source is now supported in the Snyk CLI, with the same features as for Poetry 1, as mentioned here. Upgrade to the new CLI version and run snyk test or snyk monitor as usual.

  • Increase authentication resilience for OAuth connections.

  • Fix duplicate Open Source Issues appearing only in a single IDE tree node, despite occurring in multiple files.

  • Prevent the trust dialog from blocking the language server.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

Costin Busioc | Senior Product Manager

Announcing Snyk CLI v1.1296.0

New

We are pleased to announce the latest stable Snyk CLI release v1.1296.0.

Important reminder: Snyk's primary distribution channel for CLI is downloads.snyk.io rather than static.snyk.io. Please make sure this domain is whitelisted so that updates through npm, Homebrew, Scoop, and CI/CD integrations work seamlessly.

We are introducing the following new features in this version. To learn more about bug fixes beyond what is highlighted below, please reference the release notes.

Error handling enhancements

We've made significant improvements to our error handling for Snyk scans. You'll now see consistent error code formatting for exit codes 2 and 3 across all scan commands. To simplify troubleshooting, we've also enhanced our debug logs, making them easier to interpret. In the event of an error, a unique Interaction ID will be displayed in the main CLI output, facilitating faster issue tracking and more efficient communication with our support team.

Container enhancements

We're empowering you with more control over container scanning. The Snyk CLI now supports scans for Kaniko generated images, and you can optimize scan times by excluding node_modules directories within Node.js containers.

Open Source enhancements

We've made significant improvements to open source analysis. snyk test --scan-all-unmanaged now identifies all possible package identities based on SHA1 hashes for JAR, WAR, and AAR files, providing more comprehensive coverage.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

Costin Busioc | Senior Product Manager

Announcing Snyk CLI v1.1295.4

New

We’ve released a CLI hotfix (v1.1295.4), resolving CVE-2025-21614. This hotfix upgrades necessary dependencies and maintains the same user experience as the previous stable version.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

Costin Busioc | Senior Product Manager