Snyk Open Source ecosystem coverage update
We've expanded Snyk Open Source coverage with improved scanning capabilities. These updates help you close security gaps and manage dependencies more effectively. Key improvements include new support for the uv package manager and enhanced Go scanning for private dependencies.
uv SCM support
The uv package manager is an emerging tool in the Python ecosystem. Following our earlier CLI release, uv is now available in SCM integrations. You can import uv projects and workspaces, use PR Checks, and monitor your code directly from your connected Git repositories. You do not need to use the CLI for these tasks. uv joins pip, Poetry, and Pipenv as the fourth Python ecosystem with native support in Snyk Open Source.
To get started, enable this feature for your Groups and Organizations in Snyk Preview. You can find more details in the Snyk documentation.
Improved Go scanning
Our Go scanning improvements are now generally available. This update features support for private dependencies. Go teams that use private module proxies, such as Artifactory or Nexus, or private repositories via Broker, can now achieve the same depth of scanning available for public modules.
This ensures you have no blind spots in your dependency graph when a module lives behind authentication. We support both brokered and direct connections across all SCM integrations. We are rolling this out to all users over the next two weeks. You can learn how to configure private dependencies in the Snyk documentation.