Update @snyk/protect 1.1294.3 → 1.1295.0 (minor)

[depfu]

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ @​snyk/protect (1.1294.3 → 1.1295.0) · Repo

Release Notes

1.1295.0

1.1295.0 (2025-01-08)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• iac: include evidence field in json output [IAC-3161] (9487a08)
• auth: auto detect API Url during OAuth authentication (6884511)

Bug Fixes

• test: support verbose gradle graphs for sbom generation (600ef50)
• general: prevent snyk-policy lib from interrupting stdout to ensure valid --json --sarif output (469edf5)
• general: improved error messages around network requests (f6fc5f7)
• general: only read SNYK_ prefixed env vars (5bfcbe8)
• instrumentation: add default oss product for monitor as well (83cabc3)
• container: optional dependencies are properly connected in the dep-graph (3205e66)
• container: package-lock v3 missing sub-dependencies 94c9b7f)
• container: support --exclude-app-vulns with oauth (73a75fa)
• monitor: use error catalog messages for monitor commands (4e58601)
• iac: extra error handling and debugging [IAC-3138] (7fbae0f)
• iac: snyk-iac-test security update [IAC-3171] (fac22bb)
• iac: update snyk-iac-parsers version [IAC-3138] (5326d9d)
• iac: use proxy aware snyk-iac-test [INC-1647] (d5d1e2e)
• test: do not treat warnings as errors on restore (d0113eb)
• test:fix mismatch/off-by-one on unmanagedDependencyCount in the analytics logs UNIFY-340 (75d8e6d)
• test: update snyk-nodejs-plugin to fix micromatch vuln (766bd1d)
• test: upgrade mvn-plugin to handle jar scanning sha-not-found error (060380a)
• test: fix runtime versions overwriting nuget versions (5e715cf)
• instrumentation: stop sending CLI args in analytics (6d183fb)
• policy update policy library to fix valid json output (0bc0aed)

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by more commits than we can show here.

---

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

@​depfu rebase

Rebases against your default branch and redoes this update

@​depfu recreate

Recreates this PR, overwriting any edits that you've made to it

@​depfu merge

Merges this PR once your tests are passing and conflicts are resolved

@​depfu cancel merge

Cancels automatic merging of this PR

@​depfu close

Closes this PR and deletes the branch

@​depfu reopen

Restores the branch and reopens this PR (if it's closed)

@​depfu pause

Ignores all future updates for this dependency and closes this PR

@​depfu pause [minor|major]

Ignores all future minor/major updates for this dependency and closes this PR

@​depfu resume

Future versions of this dependency will create PRs again (leaves this PR as is)