Product Updates

We have released a new CLI hotfix (v1.1301.2) to address a bug when using Snyk with agentic integrations such as Amazon Kiro:

• MCP: Ensure compliance with the model context protocol specification

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk Support team.

We have released a new CLI hotfix (v1.1301.1) to address bugs and improve the overall user experience:

• Reachability

  • Fixed an issue in test, when using reachability, that caused the fix advice to display incorrectly on certain occasions

  • Resolved a monitor bug with double-dashed arguments when using reachability

• General improvements

  • Improved scanning speed when running test/monitor with reachability

  • Improved SCA scanning through MCP with fewer I/O operations

  • Fixed multiple issues to make Snyk work more smoothly in your code editor

  • Updated dependencies to improve stability and security

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk Support team.

We're excited to announce support for .NET 10 for Open Source, which was released on November 11. This update ensures you can securely build and scan your newest .NET applications. We’ve added this support for scans using both our command line interface (CLI) and integrations with source code management (SCM) systems. This feature is now generally available (GA) and supported within our "Improved .NET scanning" capability.

The .NET ecosystem is a top priority for many developers and for us. We are committed to providing quick support for all new major releases, and this update continues that commitment. This allows you to adopt new technology without sacrificing security visibility.

All developers using .NET 10 can immediately begin scanning their projects using the Snyk CLI or their integrated SCM tools—no manual configuration or action is required to enable this feature. Please be aware that simply changing your .NET target framework does not automatically update the associated project dependencies.

Note that RestoreEnablePackagePruning flag introduced in .NET 10 prunes unused system packages from the project. Those dependencies can be including again by setting the RestoreEnablePackagePruning property to false in your project file or Directory.Build.props file.

To learn more, visit our Snyk User Documentation and for more information about see updating the projects, see this help article.

We’re pleased to announce that Reachability for Snyk CLI and CI/CD integrations is now available in Early Access for all Snyk Open Source customers.

As a refresher, Snyk’s Reachability analysis works by scanning your source code and determining whether the code that makes a vulnerability exploitable is reachable, either directly or transitively.

Starting today, you can now use Reachability with the latest Snyk CLI and CI/CD integrations to prevent these contextually relevant and higher risk issues from reaching production.

For more information on how to get started, please take a look our our User Docs.

We are pleased to announce the latest stable Snyk CLI release, v1.1301.0.

We are introducing the following key improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the full release notes.

This update includes the following:

• Snyk Container: Container scanning now supports both Ubuntu Chisel images and zstd-compressed layers, as well as usr/lib JAR files via the `--include-system-jars` parameter.

• Snyk Open Source: Initial support for Maven 4 is available for Open Source's test, monitor and SBOM commands.

• Snyk Open Source: Reachability for Snyk CLI and CI/CD integrations is now available in Early Access for all Snyk Open Source customers.

• Snyk SBOM: A new experimental flag, `--include-provenance`, for Maven projects that includes verification checksums in SBOMs.

• Snyk Studio: Snyk Studio now supports writing scan output into a file, and Service Account support.

• Stability, security, and performance: This release also includes numerous bug fixes and enhancements to improve the overall stability, security, and performance of the CLI.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to take advantage of these new features and improvements.

We're happy to announce that we now support Python 3.14. Following its release on October 7, 2025, this support is now generally available (GA). You can now scan your Python 3.14 projects using both the command line interface (CLI) and your source control manager (SCM) integrations.

Python is a top-priority ecosystem for many of our users. We're committed to providing support for new language versions as quickly as possible so you can upgrade and stay secure without interruption.

You can now import and scan your Python 3.14 projects from the CLI or your connected SCM. Please remember: if your project does not have a Python version specified, you need to configure it in the UI to use Python 3.14.

To learn more, visit Snyk for Python in our user documentation.

We have released a new CLI hotfix (v1.1300.1) to address bugs and improve the overall user experience.

• Improvements to how Snyk’s MCP server works with our VSCode IDE extension, sharing context between the two implementations, which reduces the number of steps needed to get started

• Security, stability, and usability: This release features important security and bug fixes, alongside enhanced usability thanks to improved network error categorization.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to take advantage of these improvements.

Snyk Code CLI Upload is now Generally Available. This powerful capability bridges the gap between local CLI scanning and the centralized power of the Snyk Platform. By uploading your scan results directly from the CLI to the Snyk Web UI, you unlock the full range of Snyk features, helping your teams gain a comprehensive, centralized view of their security posture.

This means that projects scanned via the Snyk CLI are now seamlessly integrated into the platform, giving you unified management and visibility, including:

• Centralized Reporting: View historical trends, metrics, and risk overviews for CLI-scanned projects alongside your SCM-integrated projects.

• Full Platform Features: Access Organization and Group level views, enabling better governance, policy enforcement, and holistic security management across all your code, dependencies, and configurations.

• Unified Issue Management: Manage, triage, and collaborate on issues found by the CLI directly in the Snyk Web UI.

For all users, the Snyk Code CLI Upload functionality is available by updating to the latest Snyk CLI version and using the appropriate upload command/flag. This functionality is enabled and ready for use by default.

For more detailed information on how Snyk Code CLI Upload works and how to implement it, visit our CLI Upload documentation.

We're excited to announce that our support for the pnpm package manager is now generally available (GA). This update applies across the command line interface (CLI) and all Snyk source code management (SCM) integrations. Any new pnpm projects you import will now be correctly identified and scanned.

This has been a top request from the JavaScript community. We listened to your feedback and are thrilled to deliver this improvement to better support your workflows.

There is no action required from you. Over the next month, we will automatically migrate any of your existing projects that were previously misidentified as npm projects. All project history and any ignores you have configured will be preserved during this migration.

To learn more, visit the Supported Languages List in our user documentation.

We are pleased to announce the latest stable Snyk CLI release, v1.1300.0.

We are introducing the following key improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the full release notes.

This update includes the following:

• Snyk Container: Support for scanning system JARs has been introduced behind a feature flag. Also, the TargetOS is now part of the container scan output.

• Snyk Open Source: Maven projects relying on metaversions (RELEASE/LATEST) will now have those correctly resolved when executing snyk test commands. 

• General: We have introduced runAutomationDetails ID to the SARIF outputs.

• Stability, security, and performance: This release also includes numerous bug fixes and enhancements to improve the overall stability, security, and performance of the CLI.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version to benefit from these new features and improvements!