Bump snyk from 1.305.0 to 1.639.0

[dependabot-preview[bot]]

Bumps snyk from 1.305.0 to 1.639.0.

Release notes

Sourced from snyk's releases.

v1.639.0

1.639.0 (2021-06-17)

Features

• release @​snyk/fix Poetry support (94f65df)

v1.638.0

1.638.0 (2021-06-17)

Bug Fixes

• do not modify Pipfile.lock #1487 (bdbac4a)

v1.637.0

1.637.0 (2021-06-17)

Features

• add Python 3.8 and 3.9 Docker images (dfa7565)

v1.636.0

1.636.0 (2021-06-17)

Features

• upgrade node in Snyk cli images (f68289a)

v1.635.0

1.635.0 (2021-06-17)

Features

• adjust sast sarif output to github standard (9f959ff)

v1.634.0

1.634.0 (2021-06-16)

Features

• support --command for Poetry fix (0210956)

v1.633.0

1.633.0 (2021-06-16)

... (truncated)

Commits

• 08f1a87 Merge pull request #2033 from snyk/feat/poetry-snyk-fix
• 94f65df feat: release @​snyk/fix Poetry support
• d560558 Merge pull request #2038 from snyk/fix/do-not-update-pipfile-lock
• e129288 Merge pull request #2037 from snyk/feat/add-Python-3.8-and-3.9-Docker-images
• bdbac4a fix: do not modify Pipfile.lock #1487
• dfa7565 feat: add Python 3.8 and 3.9 Docker images
• 7691e63 Merge pull request #2036 from snyk/chore/upgrade-node-vers
• f68289a feat: upgrade node in Snyk cli images
• 3a811e5 Merge pull request #2034 from snyk/feat/adjust-sast-sarif-payload-to-gh-standard
• eb226ae Merge pull request #2035 from snyk/feat/release-command-support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

[dependabot-preview[bot]]

Superseded by #742.