sonarcloud[bot]
commented
2 months ago 
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
This PR contains the following updates:
1.1291.1->1.1293.0Release Notes
snyk/snyk (snyk)
### [`v1.1293.0`](https://togithub.com/snyk/cli/releases/tag/v1.1293.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1292.4...v1.1293.0) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) ##### News - Starting with this version, Snyk cli binaries will be distributed via `downloads.snyk.io` instead of `static.snyk.io`. This includes intallation from `npm`, `homebrew` and `scoop` as well as many of the CI/CD integrations. ##### Features - **sbom:** add support for license issues in sbom test ([6948668](https://togithub.com/snyk/snyk/commit/6948668d57523c2e7fd76ff363cf2d1625b6f0f3)) - **auth:** Use OAuth2 as default authentication mechanism ([35949c4](https://togithub.com/snyk/snyk/commit/35949c4acdd3bcbd510a6ac076523f21366b91c2)) - **config:** Introduce config environment command ([0d8dd2b](https://togithub.com/snyk/snyk/commit/0d8dd2b04278e38fe5fd335ec3023f753c944988)) - **container:** When docker is not installed, platform parameter is now supported ([64b405d](https://togithub.com/snyk/snyk/commit/64b405d02733fb2423798f4cfbff19fa04110c2d)) ##### Bug Fixes - **auth:** align auth failure error messages for oauth ([e3bfec3](https://togithub.com/snyk/snyk/commit/e3bfec354e56499a2266a45804d0a93d17f46bce)) - **auth:** ensure environment variable precedence for auth tokens ([24417d6](https://togithub.com/snyk/snyk/commit/24417d6e7c7661c1a288a1f01502af17fdb54e64)) - **test:** fix a bug related to multi-project .NET folder structures ([755a38f](https://togithub.com/snyk/snyk/commit/755a38fc6b5c7b4f7631fced9e8f0fd8ed391819)) - **test:** multiple pnpm workspace improvements ([da5c14f](https://togithub.com/snyk/snyk/commit/da5c14fc344f17c7ac8c0969f2e0cb24ba59b6cd)) - **test:** fixes a bug regarding Snyk attempting to get the dependencies from the wrong nuget \*.deps.json file.([2e17434](https://togithub.com/snyk/snyk/commit/2e17434de99d342ea7dcedf5ba5bd250aae85eb3)) - **test:** support for pipenv with python 3.12 ([09df3bc](https://togithub.com/snyk/snyk/commit/09df3bc7dbcb184a56021ead7703732fa66ea273)) - **test:** support multi-part comparison for python pip versions. ([b625eb9](https://togithub.com/snyk/snyk/commit/b625eb90410d69047ef87b65cc0289f9360251fe)) - **container:** container monitor with --json now outputs valid json([039c9bd](https://togithub.com/snyk/snyk/commit/039c9bd13efa9397a8e442e80206bfabcc529125)) - **container:** support hashing large .jar files ([6f82231](https://togithub.com/snyk/snyk/commit/6f822317209e8b60bb07bf073bdcb9c78f402eb8)) - **sbom:** fix issues in JSON output of `sbom test` command, include CWE values on `CWE` property ([#5331](https://togithub.com/snyk/snyk/issues/5331)) ([99773c3](https://togithub.com/snyk/snyk/commit/99773c3eac6c41c61c9da7fc0f1b991e5298dc37)) - **sbom:** include all detected dep-graphs of a container image ([ea43977](https://togithub.com/snyk/snyk/commit/ea439770e88093d1a99d88957f48ea63ea82b09a)) - **iac:** fixed an issue where the resource path was missing for certain Terraform resources. [IAC-3015](\[0b5823a]\(https://github.com/snyk/snyk/commit/0b5823ae2673bfbec7a055c881e8055eeb8c01ee\)) - **general:** map previously unhandled exit codes to exit code 2 ([9fde4fe](https://togithub.com/snyk/snyk/commit/9fde4fec680f2ae0650baf6b1cfed5908984e9ef)) - **general:** use entitlements when signing bundled macos binaries ([bebc59c](https://togithub.com/snyk/snyk/commit/bebc59cbfbd20aef2e8531845579f2d78c5b07ca)) ### [`v1.1292.4`](https://togithub.com/snyk/cli/releases/tag/v1.1292.4) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1292.3...v1.1292.4) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) #### Complete changelog ##### Bug Fixes - **deployment:** Rollback of digital signature for the bundled macOS binary ([#5416](https://togithub.com/snyk/cli/pull/5416)) ### [`v1.1292.3`](https://togithub.com/snyk/cli/releases/tag/v1.1292.3) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1292.2...v1.1292.3) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) ##### Complete changelog ##### Bug Fixes - **deployment:** Add digital signature for the bundled macOS binary ([#5404](https://togithub.com/snyk/cli/pull/5404)) ### [`v1.1292.2`](https://togithub.com/snyk/cli/releases/tag/v1.1292.2) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1292.1...v1.1292.2) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) #### Complete changelog ##### Bug Fixes - **container test:** Improve the accuracy of identifying npm projects within docker images by removing the explicit folder ignore rules ([#5384](https://togithub.com/snyk/snyk/issues/5384)) - **container test:** Pass platform parameter when pulling an image from a container registry ([#5360](https://togithub.com/snyk/snyk/issues/5360)) ### [`v1.1292.1`](https://togithub.com/snyk/cli/releases/tag/v1.1292.1) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1292.0...v1.1292.1) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) #### Complete changelog ##### Bug Fixes - **test,monitor**: fix improper permission error handling when accessing 'enablePnpmCli' feature flag ### [`v1.1292.0`](https://togithub.com/snyk/cli/releases/tag/v1.1292.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1291.1...v1.1292.0) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) ##### News This Snyk CLI release delivers an assortment of bug fixes and improvements. - We've added support for pnpm, giving you more flexibility in your project setup. - You can now scan npm/yarn projects even without lockfiles, ensuring comprehensive vulnerability detection regardless of your dependency management approach. - We're committed to strengthening security. This release includes redaction of additional sensitive data in debug logs, minimizing potential risks. #### Complete changelog ##### Features - **test:** Added pnpm support under 'enablePnpmCli' feature flag ([#5181](https://togithub.com/snyk/snyk/issues/5181)) ([46769cc](https://togithub.com/snyk/snyk/commit/46769ccefc0c9ca98a44ad4bdd2b4d8161294dbf)) - **test:** Support scan of npm/yarn projects without lockfiles ([e2d77a9](https://togithub.com/snyk/snyk/commit/e2d77a93da3701f4ade32e7432f870945c3763b2)) - **monitor:** Set target-reference in the monitor request ([51ed8f5](https://togithub.com/snyk/snyk/commit/51ed8f53595d7545537900762836823ced29c958)) - **code:** Centrally check if code test is enabled ([#5239](https://togithub.com/snyk/snyk/issues/5239)) ([e5a00e2](https://togithub.com/snyk/snyk/commit/e5a00e24cbe17b3b9859a39d74f1fe85e773ae4b)) - **sbom:** Improve depgraph for Maven projects ([fbb33d7](https://togithub.com/snyk/snyk/commit/fbb33d7e17f5866501abd4e4022e86eecb390415)) - **sbom:** Use RFC 3339 for all timestamps in sbom test result ([#5204](https://togithub.com/snyk/snyk/issues/5204)) ([91bf191](https://togithub.com/snyk/snyk/commit/91bf1911997534c0bc2a6c0e093cf113f1292c49)) - **language-server:** Add --all-projects flag scans by default[#β5247](https://togithub.com/snyk/snyk/issues/5247)k/snyk/issues/5247\)) ([fdcf30e](https://togithub.com/snyk/snyk/commit/fdcf30e7421b7f8342d11003508f293661264a66)) - **language-server:** Enable incremental scanning[#β5291](https://togithub.com/snyk/snyk/issues/5291)k/snyk/issues/5291\)) ([d198685](https://togithub.com/snyk/snyk/commit/d1986856b152419e1712fa2c35b9b73303c428f9)) - **language-server:** Add support for IDE themes ([c1c4d08](https://togithub.com/snyk/snyk/commit/c1c4d0805252ee96c7e081edd6b4e42a23cee3b8)) - **language-server:** Consistent styling across intellij and vscode ([#5282](https://togithub.com/snyk/snyk/issues/5282)) ([9aa6f76](https://togithub.com/snyk/snyk/commit/9aa6f76201661e8270a92ccc38c75285df435634)) - **logging:** Redact additional types of sensitive data from debug logs ([#5254](https://togithub.com/snyk/snyk/issues/5254)) ([056cdab](https://togithub.com/snyk/snyk/commit/056cdab070102aec927db831090b5bb82df9d31e)) ##### Bug Fixes - **auth:** Autodetect IDE usage and fallback to API token based authentication ([#5241](https://togithub.com/snyk/snyk/issues/5241)) ([4c795e0](https://togithub.com/snyk/snyk/commit/4c795e008e17386ac04466a45a9785e81258853b)) - **iac:** Upgrade iac custom rules to address Vulnerabilities[#β5191](https://togithub.com/snyk/snyk/issues/5191)yk/snyk/issues/5191\)) ([453db24](https://togithub.com/snyk/snyk/commit/453db24fb3fa8e58e4a69920ba18045ecbd650a2)) - **language-server:** Caching problem when no vulnerabilities in the IDE ([#5223](https://togithub.com/snyk/snyk/issues/5223)) ([89c9491](https://togithub.com/snyk/snyk/commit/89c949162edd89d0553b6e6cbb1c14c62379eae9)) - **language-server:** Remove incorrect /v1 path ([#5214](https://togithub.com/snyk/snyk/issues/5214)) ([cf16470](https://togithub.com/snyk/snyk/commit/cf16470090b6f1db7fd7f7577a243e4d356d843f)) - **dependencies:** Update dependencies to reduce vulnerabilities ([#5131](https://togithub.com/snyk/snyk/issues/5131)) ([4c7cb3c](https://togithub.com/snyk/snyk/commit/4c7cb3cd0931e0b8717425ac4857b116cee001ee)) - **sbom:** sbom test output padding ([e3b7cac](https://togithub.com/snyk/snyk/commit/e3b7cac1b3fc628407e1ba520302f3569684d115)) - **sbom:** Fix container purl generation for apt and rpm ([#5207](https://togithub.com/snyk/snyk/issues/5207)) ([fa9d512](https://togithub.com/snyk/snyk/commit/fa9d512512203adcdc133ed988ac260543f8816a)) - **sbom:** Retain error code during SBOM generation ([#5202](https://togithub.com/snyk/snyk/issues/5202)) ([5e98aaa](https://togithub.com/snyk/snyk/commit/5e98aaa6b14fe2d3622a3cc1ce76b655f43bb42c)) - **test:** support cyclic dependencies in maven with dverbose ([#5208](https://togithub.com/snyk/snyk/issues/5208)) ([fb24c02](https://togithub.com/snyk/snyk/commit/fb24c024a8bee69ae59acf79adfac7866255b2b7)) - **test:** Add tool version and informationUri to sarif output ([#5203](https://togithub.com/snyk/snyk/issues/5203)) ([b899fd3](https://togithub.com/snyk/snyk/commit/b899fd3af211e8b95656a08b9b0ecefc086ef5d5)) - **test:** fixing several .NET bugs ([#5217](https://togithub.com/snyk/snyk/issues/5217)) ([c27d767](https://togithub.com/snyk/snyk/commit/c27d7671c1c9d20089f10663b71875e6bcf05481)) - **test:** fixing a bug causing .NET beta scanning to fail on older versions of .NET ([#5228](https://togithub.com/snyk/snyk/issues/5228)) ([5fdecf7](https://togithub.com/snyk/snyk/commit/5fdecf72e6f370bd31baadce6d1e5273018798c1)) - **test:** .NET runtime resolution testing now supports projects targeting .NET Standard frameworks ([#5169](https://togithub.com/snyk/snyk/issues/5169)) ([44d0861](https://togithub.com/snyk/snyk/commit/44d0861e41de81f847c6b57c74a67c5fc816e9df)) - **test:** fix issues of type 'Cannot find module ...' in snyk-docker-plugin ([#5301](https://togithub.com/snyk/snyk/issues/5301)) ([88efd54](https://togithub.com/snyk/snyk/commit/88efd549956513fd3052de8af47da5d0a1bfb477)) - **monitor:** fix project name when using assets-project-name flag ([#5077](https://togithub.com/snyk/snyk/issues/5077)) ([57dc718](https://togithub.com/snyk/snyk/commit/57dc7189eb6c353041b8526af3fe939b0526d996))Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.