[Snyk] Upgrade snyk from 1.667.0 to 1.1302.1

[mikr13]

Snyk has created this PR to upgrade snyk from 1.667.0 to 1.1302.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 671 versions ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PARSELINKHEADER-1582783	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	479	Proof of Concept
	Prototype Pollution SNYK-JS-UTILE-8706797	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	479	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	479	Proof of Concept
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	479	Proof of Concept
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	479	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	479	Proof of Concept
	Prototype Pollution SNYK-JS-LODASHSET-1320032	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	479	Proof of Concept
	Code Injection SNYK-JS-SNYKGRADLEPLUGIN-8248487	479	No Known Exploit
	Code Injection SNYK-JS-SNYKPHPPLUGIN-8248485	479	No Known Exploit
	Command Injection SNYK-JS-SSH2-1656673	479	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	479	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	479	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	479	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	479	No Known Exploit
	Symlink Attack SNYK-JS-TMP-11501554	479	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	479	Proof of Concept
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-12613773	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	479	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9292519	479	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-9403194	479	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-DIFF-14917201	479	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	479	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	479	Proof of Concept
	Open Redirect SNYK-JS-GOT-2932019	479	No Known Exploit
	Open Redirect SNYK-JS-GOT-2932019	479	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	479	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-I-1726768	479	No Known Exploit
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	479	Proof of Concept
	Prototype Pollution SNYK-JS-JSYAML-13961110	479	No Known Exploit
	Prototype Pollution SNYK-JS-JSYAML-13961110	479	No Known Exploit
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	479	No Known Exploit
	Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JS-JSZIP-3188562	479	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-15053838	479	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	479	No Known Exploit
	Command Injection SNYK-JS-SNYK-3037342	479	Proof of Concept
	Command Injection SNYK-JS-SNYK-3038622	479	Proof of Concept
	Code Injection SNYK-JS-SNYK-3111871	479	No Known Exploit
	Command Injection SNYK-JS-SNYKDOCKERPLUGIN-3039679	479	Proof of Concept
	Command Injection SNYK-JS-SNYKGOPLUGIN-3037316	479	Proof of Concept
	Command Injection SNYK-JS-SNYKGRADLEPLUGIN-3038624	479	Proof of Concept
	Command Injection SNYK-JS-SNYKMVNPLUGIN-3038623	479	Proof of Concept
	Command Injection SNYK-JS-SNYKPYTHONPLUGIN-3039677	479	Proof of Concept
	Command Injection SNYK-JS-SNYKSBTPLUGIN-3038626	479	Proof of Concept
	Command Injection SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625	479	Proof of Concept
	Command Injection SNYK-JS-SNYKSNYKHEXPLUGIN-3039680	479	Proof of Concept
	Directory Traversal SNYK-JS-TAR-15032660	479	Proof of Concept
	Improper Handling of Unicode Encoding SNYK-JS-TAR-15038581	479	Proof of Concept
	Directory Traversal SNYK-JS-TAR-15127355	479	No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	479	Proof of Concept
	Symlink Attack SNYK-JS-TMP-11501554	479	Proof of Concept
	Symlink Attack SNYK-JS-TMP-11501554	479	Proof of Concept
	Uninitialized Memory Exposure npm:utile:20180614	479	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	479	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	479	No Known Exploit
	Insertion of Sensitive Information into Log File SNYK-JS-SNYK-10497607	479	Proof of Concept

Release notes

Package name: snyk

• 1.1302.1 - 2026-01-22
  

  1.1302.1 (2026-01-21)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Bug Fixes

  • code: Resolves FedRAMP URI construction in the IDE (35800c1)
  • test: PackageURL validation failed with go.mod replace directive (SNYK-CLI-0000) for snyk test (7eb2978)
  • sbom: PackageURL validation failed with go.mod replace directive (SNYK-CLI-0000) for snyk sbom (fda61e0)
• 1.1302.0 - 2026-01-14
  

  1.1302.0 (2026-01-14)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Features

  • aibom: Improved Exit Code handling (d8fed82)
  • container: Added support for OCI images with manifests missing platform fields (dae56aa)
  • container: Added container scan support for cgo and stripped Go binaries (9b2ee6e)
  • container: Added pnpm lockfile support (47db111)
  • mcp-scan: Added experimental mcp-scan command (54b8376)
  • sbom: Improved PackageURLs in SBOM documents for go.mod projects (c145efc)
  • sbom test: Added support for deb, apk and rpm (9fd6f84)
  • test: Added PackageURL information to go.mod dependency graphs (d90b54e)
  • test: Added support for poetry development dependencies (6977004)

  Bug Fixes

  • container: Resolves false positive vulnerabilities for RHEL 10 container images (d4afe60)
  • general: Upgraded multiple dependencies (e185c92)
  • general: Fixed Exit Code handling when using incompatible glibc versions (66fbb50)
  • general: Improved file filtering support with .gitignore (a16b853)
  • mcp: Added rule file to .gitignore if not previously ignored (cc78694)
  • test: Improved upload speed when using --reachability (da21315)
  • test: Fixed npm v2 dependency resolution when using shadowing aliases (237a4f5)
  • test: Fixed --exclude support for pnpm workspaces (293d9b1)
  • test: Fixed SARIF output for Gradle projects to include the complete path in artifactLocation (ec1262e)
• 1.1301.2 - 2025-12-16
  

  1.1301.2 (2025-12-16)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Bug Fixes

  • mcp: Fix MCP compliance issue (51d3f8d)
• 1.1301.1 - 2025-12-08
  

  1.1301.1 (2025-12-08)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Bug Fixes

  • test: Rendering of fix advice for multiple dependency paths when using the reachability flag (eaf50bb)
  • monitor: snyk monitor --reachability=true command should now work even if double dashed arguments are provided (e8bdac6)
  • test, monitor: Code upload speed will be improved when running snyk test --reachability/snyk monitor --reachability (d0bdba1)
  • language-server: Multiple Snyk Language Server related fixes (485ae55)
  • dependencies: Upgrade dependencies to address multiple issues. (e185c92)
• 1.1301.0 - 2025-11-19
  

  1.1301.0 (2025-11-12)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Features

  • container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757)
  • container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42)
  • container: Added a new parameter, --include-system-jars, to support scanning of usr/lib JARs (57078b6)
  • test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e)
  • test(maven): A new experimental flag --include-provenance that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a)
  • sbom(maven): A new experimental flag --include-provenance that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a)
  • language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e)
  • language-server: Analytics for configuration and folder trust (2cc554e)
  • mcp: Support for writing scan output into a file (2cc554e)
  • mcp: Service Account support (2cc554e)

  Bug Fixes

  • general: Fix incorrect error mapping for varying status codes (5829500)
  • general: Some invalid flag combinations are now correctly handled (ca5903b)
  • test: The Snyk CLI now correctly handles optional dependencies without separate package entries
    (bfcbda7)
  • test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7)
  • test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7)
  • test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c)
  • test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f)
  • test(npm): Improve npm alias support (cb37da7)
  • test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86)
  • test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f)
  • test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f)
  • test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86)
  • test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c)
  • test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4)
  • container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6)
  • container: Fix rare crash when scanning large Docker images (195ed78)
  • container: Fix issue where go binaries in Linux images with complex paths were not properly detected as go binaries when scanning on Windows (be8098b)
  • code: Add missing explicit error handling (755d01f)
  • unmanaged: Ignored vulnerabilities in unmanaged (C/C++) projects are now properly excluded from JSON output when using .snyk policy files. This ensures that snyk-to-html and other tools that consume JSON output will correctly respect vulnerability ignores. (fa808c1)
  • dependencies: Fix CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
  • dependencies: Upgrade golang to 1.24.10 to fix vulnerabilities (c039f99)
  • dependencies: Upgrade to golang 1.24.8 (4dcf97a)
  • dependencies: Upgrade xcode to avoid flaky signing (bdcb991)
  • dependencies: Fix CVE-2025-47913 (a00b0dc)
  • language-server: Various Language Server related fixes (2cc554e)
• 1.1300.2 - 2025-10-28
  

  1.1300.2 (2025-10-28)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Bug Fixes

  • security: Upgrades dependencies to address CVE-2025-47913 (d7e87e2)
  • general: Improved error messaging (5d16466)
• 1.1300.1 - 2025-10-21
  

  1.1300.1 (2025-10-21)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Features

  • mcp: Added support for the MCP server to use IDE extension storage when running in VS Code (7f26dc6)
  • redteam: Added a new experimental AI Red Teaming feature, read more: https://docs.snyk.io/developer-tools/snyk-cli/commands/ai-red-teaming (fe37e0f)

  Bug Fixes

  • test: Fix issue where npm aliases only detected the latest version of a dependency (cb37da7)
  • security: Upgrades dependencies to address CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
  • general: Improved error messaging (5d16466)
  • logging: Remove support for legacy DEBUG environment variable. For the supported debugging options, please check https://docs.snyk.io/developer-tools/snyk-cli/debugging-the-snyk-cli (2087f74)
• 1.1300.0 - 2025-10-08
  

  1.1300.0 (2025-10-08)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Features

  • general: Improve SARIF compatibility by adding runAutomationDetails (3e232e5)
  • container: Add support scanning system JARs (54e84d8)
  • container: Add TargetOS to output of container scan (aa55cd9)
  • test: Add support for godot projects (d9fc200)
  • test: Add support for maven metaversions (f321ffa)
  • language-server: Add CVSSv4 Links in IDE Issue Details
  • mcp: Workflow and performance improvements

  Bug Fixes

  • container: Fixed crashes when scanning docker images with very large files (72cb040)
  • test: Re-enable support for python 2.7 (02c7fe3)
  • test: Improved error information when using --all-projects (36d14f9)
  • test: Fix a bug due to case-sensitive ignores (b432406)
  • test: Resolve project assets file path dynamically (75a152e)
  • iac: Upgrade iac components to address a vulnerability [IAC-3439] (eaaaf84)
  • logging: Fix broken debug logs due to secret redaction by redacting all user input (0cf19a7)
  • language-server: Multiple bugfixes
• 1.1299.1 - 2025-09-24
  

  1.1299.1 (2025-09-24)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

  Bug Fixes

  • language-server: Fix titles of Snyk Open Source code actions in IDEs (0add44d)
  • code: Include missing uploadResults property in Sarif output (693e548)
  • logging: Fix broken debug logs due to incorrect redaction (0cf19a7)
• 1.1299.0 - 2025-09-01
  

  1.1299.0 (2025-08-28)

  The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation.

  Features

  • auth: Support for PAT auto region configuration. (ad8e4a7)

  Bug Fixes

  • code: Fixes code test --report when a project_id environment variable exists. (6168b1d)
  • code: Fixes an issue with snyk code test where an empty input parameter would cause inconsistent behavior. (a661235)
  • container: Stops spawning commands using a shell. (7ee9e15)
  • dependency: Fixes CVE-2025-8959. (5a548fb)
  • general: Fixes a bug where formatting of log timestamps could cause a crash in some cases. (92fa8be)
  • iac: Fixes wrong status code checks. (77152e5)
  • language-server: Fixes a bug related to the analytics environment variables. (6916af8)
  • language-server: Correctly populates the environment for Open Source scans when called from the IDE. (945b029)
  • language-server: Ensures changed API URLs are respected during authentication. (24ed981)
  • language-server: MCP tool updates to support feedback and better tool descriptions. (8f2a8d1)
  • test: Fixes a bug where project.assets.json files would not be detected in cases where it's destination path was altered with .NET properties. (75a152e)
  • test: Improves error messages when using --all-projects. (960fa8e)
• 1.1298.3 - 2025-08-14
• 1.1298.2 - 2025-07-30
• 1.1298.1 - 2025-07-22
• 1.1298.0 - 2025-07-16
• 1.1297.3 - 2025-06-23
• 1.1297.2 - 2025-06-16
• 1.1297.1 - 2025-05-16
• 1.1297.0 - 2025-05-14
• 1.1296.2 - 2025-04-16
• 1.1296.1 - 2025-03-27
• 1.1296.0 - 2025-03-13
• 1.1295.4 - 2025-02-26
• 1.1295.3 - 2025-02-11
• 1.1295.2 - 2025-01-24
• 1.1295.1 - 2025-01-23
• 1.1295.0 - 2025-01-08
• 1.1294.3 - 2024-12-12
• 1.1294.2 - 2024-11-26
• 1.1294.1 - 2024-11-20
• 1.1294.0 - 2024-10-23
• 1.1293.1 - 2024-09-11
• 1.1293.0 - 2024-08-28
• 1.1292.4 - 2024-08-12
• 1.1292.3 - 2024-08-12
• 1.1292.2 - 2024-08-01
• 1.1292.1 - 2024-06-27
• 1.1292.0 - 2024-06-26
• 1.1291.1 - 2024-05-27
• 1.1291.0 - 2024-04-30
• 1.1290.0 - 2024-04-19
• 1.1289.0 - 2024-04-16
• 1.1288.1 - 2024-04-15
• 1.1288.0 - 2024-04-09
• 1.1287.0 - 2024-04-04
• 1.1286.4 - 2024-04-04
• 1.1286.3 - 2024-04-03
• 1.1286.2 - 2024-03-29
• 1.1286.1 - 2024-03-26
• 1.1286.0 - 2024-03-25
• 1.1285.1 - 2024-03-25
• 1.1285.0 - 2024-03-18
• 1.1284.0 - 2024-03-14
• 1.1283.1 - 2024-03-13
• 1.1283.0 - 2024-03-06
• 1.1282.1 - 2024-03-05
• 1.1282.0 - 2024-03-05
• 1.1281.0 - 2024-02-28
• 1.1280.1 - 2024-02-20
• 1.1280.0 - 2024-02-15
• 1.1279.0 - 2024-02-12
• 1.1278.0 - 2024-02-06
• 1.1277.0 - 2024-02-05
• 1.1276.0 - 2024-01-30
• 1.1275.0 - 2024-01-26
• 1.1274.0 - 2024-01-23
• 1.1273.0 - 2024-01-23
• 1.1272.0 - 2024-01-22
• 1.1271.0 - 2024-01-19
• 1.1270.0 - 2024-01-18
• 1.1269.0 - 2024-01-10
• 1.1268.0 - 2024-01-08
• 1.1267.0 - 2024-01-02
• 1.1266.0 - 2023-12-20
• 1.1265.0 - 2023-12-20
• 1.1264.0 - 2023-12-14
• 1.1263.0 - 2023-12-14
• 1.1262.0 - 2023-12-13
• 1.1261.0 - 2023-12-12
• 1.1260.0 - 2023-12-04
• 1.1259.0 - 2023-11-30
• 1.1258.0 - 2023-11-29
• 1.1257.0 - 2023-11-28
• 1.1256.0 - 2023-11-27
• 1.1255.0 - 2023-11-27
• 1.1254.0 - 2023-11-27
• 1.1253.0 - 2023-11-24
• 1.1252.0 - 2023-11-22
• 1.1251.0 - 2023-11-21
• 1.1250.0 - 2023-11-20
• 1.1249.0 - 2023-11-20
• 1.1248.0 - 2023-11-16
• 1.1247.0 - 2023-11-16
• 1.1246.0 - 2023-11-15
• 1.1245.0 - 2023-11-14
• 1.1244.0 - 2023-11-13
• 1.1243.0 - 2023-11-09
• 1.1242.0 - 2023-11-08
• 1.1241.0 - 2023-11-08
• 1.1240.0 - 2023-11-07
• 1.1239.0 - 2023-11-07
• 1.1238.0 - 2023-10-31
• 1.1237.0 - 2023-10-24
• 1.1236.0 - 2023-10-18
• 1.1235.0 - 2023-10-16
• 1.1234.0 - 2023-10-11
• 1.1233.0 - 2023-10-09
• 1.1232.0 - 2023-10-05
• 1.1231.0 - 2023-10-05
• 1.1230.0 - 2023-10-04
• 1.1229.0 - 2023-10-03
• 1.1228.0 - 2023-09-28
• 1.1227.0 - 2023-09-25
• 1.1226.0 - 2023-09-21
• 1.1225.0 - 2023-09-19
• 1.1224.0 - 2023-09-19
• 1.1223.0 - 2023-09-19
• 1.1222.0 - 2023-09-19
• 1.1221.0 - 2023-09-18
• 1.1220.0 - 2023-09-14
• 1.1219.0 - 2023-09-14
• 1.1218.0 - 2023-09-14
• 1.1217.0 - 2023-09-12
• 1.1216.0 - 2023-09-11
• 1.1215.0 - 2023-09-08
• 1.1214.0 - 2023-09-07
• 1.1213.0 - 2023-09-06
• 1.1212.0 - 2023-09-05
• 1.1211.0 - 2023-09-04
• 1.1210.0 - 2023-09-04
• 1.1209.0 - 2023-08-31
• 1.1208.0 - 2023-08-31
• 1.1207.0 - 2023-08-28
• 1.1206.0 - 2023-08-23
• 1.1205.0 - 2023-08-21
• 1.1204.0 - 2023-08-21
• 1.1203.0 - 2023-08-17
• 1.1202.0 - 2023-08-15
• 1.1201.0 - 2023-08-15
• 1.1200.0 - 2023-08-03
• 1.1199.0 - 2023-08-02
• 1.1198.0 - 2023-07-31
• 1.1197.0 - 2023-07-31
• 1.1196.0 - 2023-07-25
• 1.1195.0 - 2023-07-25
• 1.1194.0 - 2023-07-24
• 1.1193.0 - 2023-07-20
• 1.1192.0 - 2023-07-19
• 1.1191.0 - 2023-07-19
• 1.1190.0 - 2023-07-14
• 1.1189.0 - 2023-07-13
• 1.1188.0 - 2023-07-12
• 1.1187.0 - 2023-06-30
• 1.1186.0 - 2023-06-27
• 1.1185.0 - 2023-06-26
• 1.1184.0 - 2023-06-23
• 1.1183.0 - 2023-06-19
• 1.1182.0 - 2023-06-16
• 1.1181.0 - 2023-06-15
• 1.1180.0 - 2023-06-14
• 1.1179.0 - 2023-06-13
• 1.1178.0 - 2023-06-12
• 1.1177.0 - 2023-06-09
• 1.1176.0 - 2023-06-08
• 1.1175.0 - 2023-06-06
• 1.1174.0 - 2023-06-05
• 1.1173.0 - 2023-06-02
• 1.1172.0 - 2023-06-02
• 1.1171.0 - 2023-06-01
• 1.1170.0 - 2023-05-31
• 1.1169.0 - 2023-05-30
• 1.1168.0 - 2023-05-26
• 1.1167.0 - 2023-05-25
• 1.1166.0 - 2023-05-25
• 1.1165.0 - 2023-05-25
• 1.1164.0 - 2023-05-25
• 1.1163.0 - 2023-05-24
• 1.1162.0 - 2023-05-23
• 1.1161.0 - 2023-05-23
• 1.1160.0 - 2023-05-22
• 1.1159.0 - 2023-05-18
• 1.1158.0 - 2023-05-17
• 1.1157.0 - 2023-05-17
• 1.1156.0 - 2023-05-16
• 1.1155.0 - 2023-05-12
• 1.1154.0 - 2023-05-10
• 1.1153.0 - 2023-05-08
• 1.1152.0 - 2023-05-04
• 1.1151.0 - 2023-05-04
• 1.1150.0 - 2023-04-28
• 1.1149.0 - 2023-04-28
• 1.1148.0 - 2023-04-28
• 1.1147.0 - 2023-04-27
• 1.1146.0 - 2023-04-25
• 1.1145.0 - 2023-04-25
• 1.1144.0 - 2023-04-24
• 1.1143.0 - 2023-04-18
• 1.1142.0 - 2023-04-12
• 1.1141.0 - 2023-04-12
• 1.1140.0 - 2023-04-05
• 1.1139.0 - 2023-04-04
• 1.1138.0 - 2023-04-04
• 1.1137.0 - 2023-04-03
• 1.1136.0 - 2023-04-03
• 1.1135.0 - 2023-04-03
• 1.1134.0 - 2023-04-03
• 1.1133.0 - 2023-03-31
• 1.1132.0 - 2023-03-31
• 1.1131.0 - 2023-03-30
• 1.1130.0 - 2023-03-29
• 1.1129.0 - 2023-03-28
• 1.1128.0 - 2023-03-27
• 1.1127.0 - 2023-03-24
• 1.1126.0 - 2023-03-23
• 1.1125.0 - 2023-03-22
• 1.1124.0 - 2023-03-22
• 1.1123.0 - 2023-03-21
• 1.1122.0 - 2023-03-20
• 1.1121.0 - 2023-03-17
• 1.1120.0 - 2023-03-17
• 1.1119.0 - 2023-03-16
• 1.1118.0 - 2023-03-13
• 1.1117.0 - 2023-03-10
• 1.1116.0 - 2023-03-09
• 1.1115.0 - 2023-03-08
• 1.1114.0 - 2023-03-06
• 1.1113.0 - 2023-03-06
• 1.1112.0 - 2023-03-06
• 1.1111.0 - 2023-03-02
• 1.1110.0 - 2023-02-28
• 1.1109.0 - 2023-02-24
• 1.1108.0 - 2023-02-21
• 1.1107.0 - 2023-02-21
• 1.1106.0 - 2023-02-20
• 1.1105.0 - 2023-02-16
• 1.1104.0 - 2023-02-15
• 1.1103.0 - 2023-02-13
• 1.1102.0 - 2023-02-13
• 1.1101.0 - 2023-02-13
• 1.1100.0 - 2023-02-08
• 1.1099.0 - 2023-02-08
• 1.1098.0 - 2023-02-08
• 1.1097.0 - 2023-02-06
• 1.1096.0 - 2023-02-03
• 1.1095.0 - 2023-02-02
• 1.1094.0 - 2023-02-01
• 1.1093.0 - 2023-01-31
• 1.1092.0 - 2023-01-30
• 1.1091.0 - 2023-01-26
• 1.1090.0 - 2023-01-24
• 1.1089.0 - 2023-01-23
• 1.1088.0 - 2023-01-20
• 1.1087.0 - 2023-01-12
• 1.1086.0 - 2023-01-12
• 1.1085.0 - 2023-01-11
• 1.1084.0 - 2023-01-11
• 1.1083.0 - 2023-01-11
• 1.1082.0 - 2023-01-08
• 1.1081.0 - 2023-01-03
• 1.1080.0 - 2022-12-29
• 1.1079.0 - 2022-12-28
• 1.1078.0 - 2022-12-28
• 1.1077.0 - 2022-12-27
• 1.1076.0 - 2022-12-22
• 1.1075.0 - 2022-12-22
• 1.1074.0 - 2022-12-21
• 1.1073.0 - 2022-12-20
• 1.1072.0 - 2022-12-20
• 1.1071.0 - 2022-12-13
• 1.1070.0 - 2022-12-13
• 1.1069.0 - 2022-12-06
• 1.1068.0 - 2022-12-05
• 1.1067.0 - 2022-12-05
• 1.1066.0 - 2022-12-02
• 1.1065.0 - 2022-12-01
• 1.1064.0 - 2022-11-29
• 1.1063.0 - 2022-11-28
• 1.1062.0 - 2022-11-28
• 1.1061.0 - 2022-11-18
• 1.1060.0 - 2022-11-16
• 1.1059.0 - 2022-11-15
• 1.1058.0 - 2022-11-11
• 1.1057.0 - 2022-11-10
• 1.1056.0 - 2022-11-08
• 1.1055.0 - 2022-11-08
• 1.1054.0 - 2022-11-07
• 1.1053.0 - 2022-11-04
• 1.1052.0 - 2022-11-03
• 1.1051.0 - 2022-11-03
• 1.1050.0 - 2022-11-03
• 1.1049.0 - 2022-11-02
• 1.1048.0 - 2022-11-01
• 1.1047.0 - 2022-10-31
• 1.1046.0 - 2022-10-31
• 1.1045.0 - 2022-10-31
• 1.1044.0 - 2022-10-27
• 1.1043.0 - 2022-10-27
• 1.1042.0 - 2022-10-26
• 1.1041.0 - 2022-10-24
• 1.1040.0 - 2022-10-21
• 1.1039.0 - 2022-10-21
• 1.1038.0 - 2022-10-20
• 1.1037.0 - 2022-10-20
• 1.1036.0 - 2022-10-20
• 1.1035.0 - 2022-10-19
• 1.1034.0 - 2022-10-18
• 1.1033.0 - 2022-10-18
• 1.1032.0 - 2022-10-14
• 1.1031.0 - 2022-10-14
• 1.1030.0 - 2022-10-14
• 1.1029.0 - 2022-10-13
• 1.1028.0 - 2022-10-12
• 1.1027.0 - 2022-10-12
• 1.1026.0 - 2022-10-10
• 1.1025.0 - 2022-10-07
• 1.1024.0 - 2022-10-06
• 1.1023.0 - 2022-10-06
• 1.1022.0 - 2022-10-05
• 1.1021.0 - 2022-10-04
• 1.1020.0 - 2022-10-03
• 1.1019.0 - 2022-09-30
• 1.1018.0 - 2022-09-30
• 1.1017.0 - 2022-09-29
• 1.1016.0 - 2022-09-29
• 1.1015.0 - 2022-09-29
• ...

[Copilot]

Pull request overview

This PR upgrades the Snyk CLI dependency from version 1.742.0 to 1.1302.1 to address multiple security vulnerabilities. The upgrade is part of automated security maintenance by Snyk and fixes 20 high-severity and 34 medium-severity vulnerabilities in transitive dependencies, including ReDoS, prototype pollution, command injection, and other security issues.

Changes:

• Upgrades snyk devDependency from ^1.742.0 to ^1.1302.1 (approximately 560 version increments)
• Addresses multiple security vulnerabilities in dependencies like axios, semver, tar, and various Snyk plugins
• Maintains compatibility with the existing snyk protect command used in the prepare script

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The PR description indicates upgrading from version 1.667.0, but the diff shows the current version in package.json is ^1.742.0. This discrepancy suggests either the PR description is based on an outdated branch, or there may have been an intermediate update. The actual upgrade is from 1.742.0 to 1.1302.1, which is approximately 560 versions (not 671 as stated in the description).