Skip to content

Releases: snyk/cli

v1.1306.0

Choose a tag to compare

@team-cli-bot team-cli-bot released this 09 Jul 12:32
d4e9a98

1.1306.0 (2026-07-09)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

  • doctor: Adds the snyk doctor command to diagnose common CLI problems: generate a diagnostic report for the current system, or analyze debug log output. (ab56a0e)
  • container: Container scans now detect the Java runtime version across a wider range of JVM base images, and can now find vulnerabilities in .NET application dependencies. (5586aac)
  • mcp: The breakability evaluation tool in the Snyk MCP Server is now enabled by default and no longer requires an experimental flag. (56a9196)
  • test: Improves dependency detection for Gradle projects. (c819b69)
  • redteam: The experimental snyk redteam command has been removed from the CLI, following its deprecation (deprecation date May 31, 2026). (c7d0e3e)

Bug Fixes

  • general: Shows a warning when a request is automatically retried due to rate limiting, instead of retrying silently. (f803397)
  • general: Skips the reachability upload when no supported files are present, instead of failing. (9ba448c)
  • test: Fixes dependency resolution for Swift Package Manager projects that reference packages by registry identity, so they're correctly matched to their GitHub source for vulnerability scanning. (64ac442)
  • test: Fixes scanning of sbt projects with custom Scala configurations. (5765a12)
  • test: Fixes a bug where scanning Yarn workspaces could report vulnerabilities from a workspace member's dev dependencies as if they were production dependencies, when that member was consumed by a sibling package. (ade08e4)
  • deps: Updates dependencies to fix vulnerabilities:

v1.1305.2

Choose a tag to compare

@team-cli-bot team-cli-bot released this 23 Jun 09:58
26cac57

1.1305.2 (2026-06-23)

Bug Fixes

v1.1305.1

Choose a tag to compare

@team-cli-bot team-cli-bot released this 02 Jun 10:24
1602f76

1.1305.1 (2026-06-02)

Bug Fixes

v1.1305.0

Choose a tag to compare

@team-cli-bot team-cli-bot released this 20 May 12:58
b9c7b9a

1.1305.0 (2026-05-20)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

  • sbom: Introduces the --allow-incomplete-sbom flag for snyk sbom, allowing the SBOM to be generated even when individual projects fail to resolve. Failed projects are surfaced as per-project errors alongside the successful results. (29ba128)
  • container: Speed up snyk container monitor by sending dependency requests in parallel, configurable via the SNYK_REQUEST_CONCURRENCY environment variable. (186c5fb, 6764f65)
  • general: Linux ARM64 and AMD64 binaries are now statically linked by default. (f02b850)
  • mcp: Adds an experimental breakability evaluation tool to the Snyk MCP Server. (69806f5)

Bug Fixes

v1.1304.3

Choose a tag to compare

@team-cli-bot team-cli-bot released this 13 May 12:25
494c2a9

1.1304.3 (2026-05-13)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

Known Issues

v1.1304.2

Choose a tag to compare

@team-cli-bot team-cli-bot released this 06 May 13:59
3a70970

1.1304.2 (2026-05-06)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

v1.1304.1

Choose a tag to compare

@team-cli-bot team-cli-bot released this 27 Apr 12:51
00971dc

1.1304.1 (2026-04-27)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

  • general: Improved error handling to prioritize and surface the most relevant error and derive the correct exit code when multiple errors occur during CLI execution. (b505a96)
  • deps: Updates dependencies to fix vulnerabilities for CVE-2026-4660 and CVE-2026-39883 (2a95d85)
  • agent-scan: Improved CI flexibility with an issues ignore option, and added support for Windows x86 and macOS x86 architectures. (7d72bbf)

v1.1304.0

Choose a tag to compare

@team-cli-bot team-cli-bot released this 09 Apr 11:40
28558dc

1.1304.0 (2026-04-09)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

  • aibom: Introduces the snyk aibom test command. (2978044)
  • test, monitor, sbom: Introduce --maven-skip-wrapper flag to force the use of a globally installed mvn command. (0ee90ca, ff31066)
  • general: Introduce explicit configuration for network retry max-attempts. (1fbdf38)
  • container: Add deprecation warnings for -shaded-jars-depth and non-numeric values for --nested-jars-depth. (321b6f5)
  • container: Extend support for java runtime binary scanning (b60473a)
  • mcp: Improves auto-enable behavior for Snyk Code, promotes package health checks to stable. (5f5898f)
  • redteam: Adds a vulnerability summary to scanned output. (52eaf5a)
  • redteam: Add --json flag support for list commands, exhaustive and eager modes. (e962c4d)

Bug Fixes

  • general: Fix printing JSON output on stdout when only --json-file-output is specified. (32f65f0)
  • test: Fixes an issue where no files were uploaded when using --skip-unresolved. (71ca761)
  • test: Prevents scan failures when Maven builds succeed with non-fatal errors. (b30db97)
  • test: Fixes Go PackageURL generation and import path normalization for projects using replace directives. (7c7a366, ee7d72b)
  • test: Improves SDK detection when host and SDK versions differ. (96d0817)
  • test: Ensures project names are populated when scanning NuGet projects from repository root. (c043553)
  • container: Snyk Container scans of tar files on Windows should now report vulnerabilities for Python application package files. (9b86790)
  • container: Override packages with inaccurate pom.properties files (b60473a)
  • test: Ensure Yarn workspace pacakges matches are actual members defined in the root package.json. (0dd6581)
  • test: Fix increased scan times when testing Golang projects. (f2f5ba2)
  • code: Snyk Code scans now return clearer error message and exit codes when testing unsupported projects (6f5b4e3)
  • test: Fix a bug where aliased packages were being resolved with the target name insted of the alias for yarn projects. (dcbec6f)
  • test: Fix a bug where Python packages with . characters in their name were incorrectly parsed to include - characters. (9a2a36e)
  • deps: Updates dependencies to fix vulnerabilities:

v1.1303.2

Choose a tag to compare

@team-cli-bot team-cli-bot released this 23 Mar 11:30
a748517

1.1303.2 (2026-03-23)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

  • redteam: Introducing Snyk Agent Red Teaming with attack profiles (fast, security, safety) via the new --profile flag, allowing users to select pre-configured sets of attack goals. (99e2953)
  • redteam: New terminology for goals, strategies, and attacks to better describe Agent Red Teaming workflows. (99e2953)
  • redteam: Tenant-based authentication using --tenant-id for routing Agent Red Teaming commands. (99e2953)
  • redteam: Interactive wizard to guide users through Agent Red Teaming configuration and setup. (99e2953)
  • container: Add Go stdlib vulnerability detection to container scans (aacdc53)

Bug Fixes

  • test: Fixes a bug where the CLI repeatedly evaluated user privileges (feature flags) when scanning multiple Go projects.(d348cb7)
  • test: Fixes a bug where scanning Go projects (with a replace directive pointing at a relative path) would fail due to badly formatted PackageURLs.(4c6b663)
  • container: upgrade minimatch dependency to 3.1.3 (aacdc53)
  • dependencies: Fix CVE-2026-33186 (f8a0602)
  • dependencies: Fix CVE-2025-69873 (d240fcf)
  • container: Fixes an issue where container scans of OCI archive images (including hybrid-format archives produced by Docker Desktop's containerd image store) could silently fail, returning exit code 0 with no vulnerability results. (4ad137f)

v1.1303.1

Choose a tag to compare

@team-cli-bot team-cli-bot released this 04 Mar 14:34
ff87b55

1.1303.1 (2026-03-04)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

  • ui: Fixed an issue where JSON output was incorrectly printed to stdout when only --json-file-output was specified. (d6d465d)
  • language-server: Fixed an issue where scans would not trigger when Snyk Code was enabled in IDE settings. (7567881)
  • mcp: Fixed an issue where Snyk rules were not written locally. (7567881)