Product Updates

We are excited to announce that on Thursday, September 28th, we will officially launch GA support for Kotlin and VB.NET, enabled for all customers. This milestone is a result of months of development, including feedback from 275 customers who conducted scans, significant enhancements driven by input received through customer calls and support tickets, the assessment of benchmark applications and open-source repositories, as well as a comprehensive review of industry and competitor research findings.

For customers with Kotlin or VB.NET code, please anticipate a potential increase in issues.

If you have any questions, please reach out to your account teams.

We're excited to share that Snyk now supports generating CycloneDX/SPDX SBOMs for images using the Snyk Container CLI.

Use the snyk container sbom --format=<cyclonedx1.4+json|cyclonedx1.4+xml|spdx2.3+json> <IMAGE> command to generate SBOM for your image.

This change is available in CLI version 1.1226.0.

To learn more, check out our user documentation. If you have any questions or feedback, please reach out to your account team.

Over the next two weeks, we continue to enhance Snyk Code. As a result, the following improvements will be implemented:

• C#, Java, Python: aligning issue severity across languages for consistency. Customers should expect similar or fewer issues

• Java: improving java sanitizers. Customers should expect similar or fewer issues

• Java/JSP: re-enabling processing of JSP taglib directives. Customers should expect potential increase in issues (released Wed, 9/27)

If you have any questions, please reach out to your account teams.

Snyk Code has been at the forefront of PHP static analysis since its launch 2 years ago.

In 2 weeks time we will roll out a new PHP analysis engine that is smarter. From our benchmarks, we expect a similar number of matches overall, but of much higher quality. This is due to three improvements:

• The new engine is capable of deeper analysis, and so doesn’t use approximations as often. This removes many false positive matches.

• Object-orientated code that makes use of classes, methods and properties is analysed much better, adding new correct matches.

• Interfile analysis is enabled, which detects vulnerabilities across multiple source files.

If you have any questions, please contact support or your account manager.

We are very pleased to announce that Snyk Open Source now supports scanning Pipenv projects via Git integrations!

With this update, you can now import your Pipenv projects into the Snyk web UI simply by connecting your existing Git repositories.

We'll do the hard work of discovering all the dependencies and reporting all related vulnerabilities and licenses.

To get started, head over to the docs or just re/import your repos and check out your shiny new Pipenv projects 🤗

We are excited to announce that on Wednesday, September 6th, we will officially launch GA support for Swift and Scala, enabled for all customers. This milestone follows substantial improvements driven by valuable feedback from customer support tickets, calls, and improvements through benchmark applications and open-source repositories.

For customers with Swift or Scala code, please anticipate a potential increase in issues.

If you have any questions, please reach out to your account teams.

We're excited to share that Snyk now supports testing CycloneDX SBOMs for vulnerabilities through a set of async APIs.

Right now this feature is in open beta and support is limited to the npm and Maven ecosystems. Support for additional ecosystems and SPDX are coming soon.

To learn more, check out the API docs and user docs. We look forward to hearing your feedback, so please don't hesitate to reach out to your account team.

The scheduled maintenance on Sunday, September 3rd from 14:30-15:30 UTC has been completed successfully. Snyk's US based instance is now available. More details about the maintenance can be found at status.snyk.io.

As part of our ongoing commitments to improve the performance and stability of Snyk, we'll be performing scheduled maintenance of our systems on Sunday, September 3rd during 14:30-15:30 UTC. You can check status.snyk.io for the latest status.

During this time, Snyk will be completely unavailable for all customers in the US based instance (app.snyk.io) for up to 1 hour. After the maintenance has been completed, all functionality will return and all historical data will be available. We apologize for any inconvenience this may cause.

Since September 2020, Snyk has provided plugins for the JetBrains family of IDEs – IntelliJ, WebStorm, Android Studio and more – so developers using these tools have Snyk’s world-class developer-first security tooling at their fingertips.

A Commitment to Compatibility

As developers ourselves, we understand the significance of having a seamless and efficient coding experience, and we are committed to ensuring that our JetBrains plugins align with the latest advancements in the JetBrains ecosystem. To achieve this, we have decided to align our plugins' supported versions with those officially supported by JetBrains. This alignment is crucial to maintaining stability, functionality, and performance in your coding environment.

Supported IntelliJ Versions

Moving forward, our plugins will exclusively support versions of JetBrains IDEs that are also supported by JetBrains. This means that our plugins' features, updates, and optimizations will be guaranteed to work flawlessly on these officially endorsed versions. We believe that by synchronizing our efforts with JetBrains' own support roadmap, we can provide you with an unparalleled coding experience.

While we strive to ensure compatibility with officially supported JetBrains versions, we understand that some of our users might continue to utilize older, unsupported versions. While our plugin might continue to function on such versions, we cannot guarantee the same level of reliability and performance as on the officially supported releases. Older versions of our plugin are available for download on the JetBrains Marketplace.

For the best experience with our plugins, we strongly recommend that you always use the latest version of the IDE supported by JetBrains. This approach not only ensures optimal performance but also allows you to benefit from the latest features and security enhancements provided by both JetBrains and our plugin.

Support When You Need It

If you encounter any difficulties while using our JetBrains plugins, we encourage you to first ensure that you are using a supported version of the IDE. If problems persist, please don't hesitate to reach out to our dedicated support team. We are here to assist you and resolve any concerns you may have.

Thank you for being a part of our journey towards secure coding greatness!