Product Updates

We’ve released CLI hotfix v1.1297.1.

This version rolls back specific changes related to Gradle dependency resolution that were introduced in v1.1297.0.

We are taking this step to ensure stability for all users while we continue to refine this functionality. We plan to reintroduce these improvements for Gradle resolution in a future stable version once further enhancements are complete.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We are pleased to announce the latest stable Snyk CLI release v1.1297.0.

We are introducing the following new features and improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the release notes.

Container Enhancements

We've made scanning container image archives more straightforward. You can now directly scan image archives (e.g., image.tar) using snyk container test image.tar or snyk container monitor image.tar without needing to specify the image type as a prefix. This simplifies the command structure and streamlines your container security workflows.

Open Source Enhancements

This release brings significant improvements to Gradle module resolutions. The Snyk CLI's Gradle dependency resolution will now default to finding all artifacts against resolved dependencies. You can read more about this here.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to benefit from these new features and improvements!

We are pleased to announce a bug fix for Snyk Open Source PHP support in the Snyk CLI.

With this update CLI support for PHP will be improved as follows:

• Today, Snyk CLI test and monitor commands may fail for users who only have composer.phar locally, and no global composer. With this bug fix, these scans will now succeed

How will my scan results change?

• CI/CD pipelines that were failing due to this error may now succeed after upgrading to the new CLI version

• New issues may be found when the projects are scanned successfully

What are the next steps?

The changes are available now in the preview channel of the CLI, and will be included in the stable channel on 14 May 2025.

We are pleased to announce two Snyk Open Source bug fixes for Gradle support in the CLI.

With this update CLI support for Gradle will be improved as follows:

• Multiple packages with the same artifactId will be included in the dependency graph correctly.

• platform dependencies will no longer be included in the dependency graph. Platform dependencies are not regular dependencies of the project, and do not result in an artifact. Rather they control the versions of other dependencies, in a similar way to dependency management BOMs in Maven.

How will my scan results change?

Overall, this release should not lead to an increase in vulns or issues.

• artifactId change - we might find more paths in the dependency graph, but the packages and issues should remain the same.

• platform change - potentially fewer issues.

What are the next steps?

The changes are available now in the preview channel of the CLI, and will be included in the stable channel on 14 May 2025.

We’ve released a CLI hotfix (v1.1296.2) to enhance the following use cases and introduce new capabilities:

• Experimental Model Context Protocol (MCP) Integration: Enables integrating Snyk scans (Open Source & Code) into MCP-compatible tools using the new snyk mcp --experimental command. This allows the CLI to act as an MCP server for these integrations. Note: This feature is experimental and may evolve. You can read more about Snyk MCP here.

• Routine enhancements: Incorporates routine enhancements for security and reliability.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We’ve released a CLI hotfix (v1.1296.1) to enhance the following use cases:

• Poetry 2 Open Source is now supported in the Snyk CLI, with the same features as for Poetry 1, as mentioned here. Upgrade to the new CLI version and run snyk test or snyk monitor as usual.

• Increase authentication resilience for OAuth connections.

• Fix duplicate Open Source Issues appearing only in a single IDE tree node, despite occurring in multiple files.

• Avoid that the trust dialog blocks the language server.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We are pleased to announce the latest stable Snyk CLI release v1.1296.0

Important reminder: Snyk's primary distribution channel for CLI is downloads.snyk.io rather than static.snyk.io. Please ensure you whitelist this domain to ensure seamless updates with npm, Homebrew, Scoop, and CI/CD integrations.

We are introducing the following new features in this version. To learn more about bug fixes beyond what is highlighted below, please reference the release notes.

Error handling enhancements

We've made significant improvements to our error handling for Snyk scans. You'll now see consistent error code formatting for exit codes 2 and 3 across all scan commands. To simplify troubleshooting, we've also enhanced our debug logs, making them easier to interpret. In the event of an error, a unique Interaction ID will be displayed in the main CLI output, facilitating faster issue tracking and more efficient communication with our support team.

Container enhancements

We're empowering you with more control over container scanning. The Snyk CLI now supports scans for Kaniko generated images, and you can optimize scan times by excluding node_modules directories within Node.js containers.

Open Source enhancements

We've made significant improvements to open source analysis. snyk test --scan-all-unmanaged now identifies all possible package identities based on SHA1 hashes for JAR, WAR, and AAR files, providing more comprehensive coverage.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We’ve released a CLI hotfix (v1.1295.4), resolving CVE-2025-21614. This hotfix upgrades necessary dependencies and maintains the same user experience as the previous stable version.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We’ve released a CLI hotfix (v1.1295.3) to enhance the following use cases:

• Improved memory usage when executing code scans on large projects

• Fix incorrect filtering of files when executing code scans which could fail the analysis

• Fix unexpected logouts that were reported when using OAuth2 authentication

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We are pleased to announce the latest stable Snyk CLI release v1.1295.0.

We are introducing the following new features in this version. To learn more about bug fixes beyond what is highlighted below, please reference the release notes.

Automatic region configuration during OAuth

During OAuth authentication, the CLI will automatically detect the API URL to be used for authentication.

Support for verbose Gradle graphs

When generating SBOMs via CLI for Gradle graphs, we’re removing pre-pruning of dependencies.

You can learn more about Snyk CLI release channels in the user documentation.