Improved ecosystem coverage & quality for Snyk Open Source

General availability

We're excited to announce a series of coverage and quality improvements for Snyk Open Source across several key developer ecosystems, rolling out over the coming weeks. Our goal is to help you secure your applications as you evolve and scale them, keeping pace with the latest releases and reliably scanning large, complex projects.

Improved SCA Coverage

We are committed to keeping up with the rapid pace of ecosystem updates. By broadening our support for the latest language versions and library structures, we help ensure your projects remain modern and protected without any friction.

Yarn 4

Snyk now supports Yarn 4 in both the CLI and the SCM integrations.

  • Availability: CLI support is available on January 14 in version 1.1302.0, with a gradual SCM rollout throughout January.

  • Note: Fix PRs and Upgrade PRs are currently not supported for Yarn workspaces.

  • No action required: Projects that previously failed now successfully scan.

Ruby 4

Snyk now supports Ruby 4 in both the CLI and the SCM integrations.

  • Availability: Support for both the CLI and SCM becomes available the week of January 21..

  • No action required: Since the Ruby version is selected based on your Gemfile, no customer action is needed to begin using this.

PHP 8.5 & Swift 6.2

In addition to the above, we are pleased to announce upcoming support for PHP 8.5 and Swift 6.2 to ensure our users on the bleeding edge of these ecosystems remain secure.

Improved vulnerability coverage

We’ve enhanced our coverage for Go by adding vulnerabilities impacting packages in the Go Standard library to our vulnerability database. Previously, these vulnerabilities were not supported they are now detectable in both the CLI and SCM integrations.

  • Availability: SCM and CLI support will become available throughout January.

Improved Quality

Beyond just supporting new versions, we are constantly refining our underlying scanning technology. These "under the hood" improvements focus on making scans faster and more resilient, especially for resource-intensive modern workloads.

Python (pip) Performance Improvements

We've introduced significant performance improvements for Python pip projects using SCM scanning. Previously, large projects—including those using AI and ML libraries such as pytorch—occasionally failed to resolve dependencies during scans. This problem has been resolved, helping you secure your Python applications.

  • Availability: SCM rollout is happening throughout January, with CLI support following  in March.

Headshot of Johann Sutherland

Johann Sutherland

Tags:
SCACLISCM Import