Product Updates

We are pleased to announce the new stable releases for our IDE plugins. The new versions are:

• Visual Studio Code v2.24.0

• JetBrains v2.16.0

• Visual Studio v2.4.0

• Eclipse v3.4.0

This release is focused on enhancing stability and reliability, with key updates including:

• Improved Proxy & Certificate Handling (VS Code): We've enhanced the CLI download process to better respect proxy settings and custom certificates set in the IDE. -This will reduce download failures for users in corporate environments.

• Enhanced Security (Visual Studio): Fixed an issue where the folder trust prompt could be bypassed when auto-scan was enabled.

• More Accurate Scans (All IDEs): We have improved the detection of Git branches, leading to more accurate scan results.

• Custom Endpoint Authentication (All IDEs): Resolved an issue that could prevent users from correctly authenticating with a custom Snyk endpoint.

Please consult the changelog for each of our plugins for a more detailed list of other bug fixes and enhancements.

You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the newest versions!

We’ve released hotfix v2.23.1 for our Visual Studio Code extension.

This update addresses two use cases that improve stability and the overall user experience. We have enhanced how the plugin handles network proxies and certificates, which will reduce download errors within the IDE. This release also fixes a bug that prevented the GCA integration from working correctly in some cases.

There are no other functional changes in this version, so your day-to-day experience using the extension will remain the same.

If you have any questions, feel free to reach out to our support team.

We encourage everyone to upgrade to the latest version to benefit from these improvements!

Following our Early Access launch of Snyk MCP for Agentic Workflows, we are excited to introduce powerful new visibility into how your teams are adopting Snyk in their local and AI-driven development environments.

We are rolling out key new metrics to the Developer IDE and CLI usage report to capture detailed MCP usage. This update will provide deeper insights into developer adoption with three key additions:

• Top-Level MCP Scan Count: A high-level summary of the total number of MCP scans performed by your team.

• Usage Breakdown Chart: A new chart that visualizes the usage split between the Snyk CLI, our various IDE plugins, and Agentic Scans (MCP), helping you clearly see which platforms developers leverage.

• MCP Host Breakdown Chart: To offer more granular insights, a new chart will break down Agentic Scans by the specific host application, such as Windsurf, Cursor, and others.

These new reporting features will allow security teams to demonstrate strong shift-left behavior and identify teams that are successfully adopting Snyk locally as a model for the rest of the organization.

To enable this new level of insight, it is required for users to update to the latest versions of the Snyk CLI (v1.1298.1).

Please reference our documentation for all the details and prerequisites to use the report.

We are pleased to announce the new stable releases for our IDE plugins. The new versions are:

• Visual Studio Code v2.23.0

• JetBrains v2.15.0

• Visual Studio v2.3.0

• Eclipse v3.2.0

The releases include notable enhancements and changes:

• Personal Access Token (PAT) Support: We've added support for Personal Access Tokens (PAT) for authentication across all IDEs. This provides another secure method to connect to Snyk, in addition to our existing OAuth and legacy token methods.

• Feature Removals: The following three features are being removed (as previously announced here):

  • Code Quality Findings in Snyk Code

  • JavaScript CDN Library Detection in HTML, JS, and TS files

  • Container Image Detection in Kubernetes YAML Files

• VS Code Copilot Integration: The Snyk VS Code extension will now be automatically detected to support the Model Context Protocol (MCP) in GitHub Copilot, allowing for a more integrated AI-driven security experience directly in the editor. More details here.

Please consult the changelog for each of our plugins for a more detailed list of other bug fixes and enhancements.

You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the newest versions once they are available in your IDE's marketplace!

To enhance developer efficiency and optimize our security tools, Snyk is excited to introduce a new architecture for the Snyk integrations public documentation. This centralized documentation section offers a dedicated and organized area for all Snyk CLI, IDE, and CI/CD integrations.

The objective is to integrate security seamlessly into the software development lifecycle. This update directly supports that goal by offering a cohesive discovery point of the developer tools, clearly distinct from SCM and other platform integrations. The result is a more logical and intuitive user experience.

This change provides the following advantages:

• Improved usability: By creating a dedicated section for developer-centric integrations, users can locate and configure the necessary tools with greater precision and fewer errors.

• Accelerated tool adoption: The centralized documentation section simplifies the discovery process, allowing development and security teams to implement and deploy Snyk more quickly across their workflow environments.

• Increased efficiency: Users can save considerable time when accessing and managing the integrations essential to their daily development and security workflows.

To ensure continuity, all bookmarks and links to previous integration pages will be automatically redirected to their new locations within the public documentation, preventing any disruption to user workflows.

This information architecture change will officially come into effect on July 9, 2025.

Snyk Code Consistent Ignores is now Generally Available (GA) for all Snyk Code customers.

This capability ensures ignores are consistently applied in all surfaces throughout the development lifecycle, helping your teams eliminate distractions and focus on the risks that matter most. This means ignores are now respected across projects, branches, and integrations within a repository, notably in the IDE plugins, the Snyk CLI, and native PR checks.

For existing customers, Snyk Code Consistent Ignores can be enabled by toggling this on in your Group or Org settings. Any newly created groups or orgs will have this functionality enabled by default going forward.

We're thrilled to bring this powerful capability as a core offering of the Snyk platform, bringing a new level of focus and efficiency to your security workflows. For more detailed information on how Snyk Code Consistent Ignores works, check out the documentation and the Snyk Learn lesson.

We’ve released hotfix v2.13.1 for our JetBrains IDE plugin.

This update solely addresses a scenario where special characters within file paths would create errors within the JetBrains plugin. There are no other functional changes or enhancements, so your experience using the plugin will remain the same.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We are pleased to announce the latest stable releases for:

• Visual Studio Code v2.22.0

• JetBrains v2.13.0

• Eclipse v3.2.0

• Visual Studio v2.2.1

The releases include notable bug fixes and enhancements:

• Fixed an issue where additionalParameters and baseBranch were not persisted when the opened workspace folder was not a Git repository.

• Addressed various persistence issues related to folderConfig.

Please consult the changelog for each of our plugins for a more detailed list of other bug fixes.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the newest versions!

We’ve released hotfix v2.12.2 for our JetBrains IDE plugin.

This update solely ensures compatibility with the IntelliJ 2025.1 release. This hotfix addresses compatibility only; there are no other functional changes or enhancements, so your experience using the plugin will remain the same.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!

We’ve released a hotfix for our Visual Studio Code IDE plugin (v2.21.1) to address the following issues:

• Improved handling of local certificates in environments configured with a network proxy. This resolves potential failures, such as when the IDE downloads required components.

• Routine enhancements: Incorporates routine enhancements for reliability.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team.

We encourage everyone to upgrade to the latest version!