Snyk v1.1304.0, a minor update released on 2026-04-09, focuses on performance and security enhancements for the Snyk CLI. This version introduces new capabilities, refines existing features, and addresses several critical issues.

Key Changes

  • New Capabilities: The snyk aibom test command is now available, enabling AI-Bill of Materials analysis. Snyk Code auto-enablement has been improved, and package health checks are now stable. Red Team scans benefit from a new vulnerability summary in their output, alongside --json flag support for list commands in exhaustive and eager modes.
  • Performance & Configuration: A new --maven-skip-wrapper flag has been added for test, monitor, and sbom commands, allowing users to force the use of a globally installed mvn command. Network retry attempts are now explicitly configurable via max-attempts. Golang project scan times have also been reduced.
  • Container & Java Ecosystem: Support for Java runtime binary scanning has been extended. Deprecation warnings are introduced for --shaded-jars-depth and non-numeric --nested-jars-depth. Fixes include preventing scan failures for Maven builds with non-fatal errors and ensuring accurate package overrides for pom.properties files. Snyk Container scans of tar files on Windows now correctly report Python application package vulnerabilities.
  • Quality & Reliability: Numerous bug fixes improve the tool’s stability, including correct JSON output when only --json-file-output is specified, resolution of Go PackageURL generation issues, improved SDK detection, and accurate project name population for NuGet projects. Yarn workspace and aliased package resolution, along with Python package parsing, have also been corrected.
  • Security Updates: Several critical dependency vulnerabilities, including CVE-2026-26996, CVE-2026-29786, and others, have been addressed through dependency updates, bolstering the security of the Snyk CLI itself.

For a detailed changelog, refer to the official Snyk GitHub release notes. Users can also select CLI stability levels via Snyk documentation.

Impact for QA Teams

QA teams can now integrate AI-Bill of Materials testing into their security pipelines earlier, identifying risks in AI components. Improved scan accuracy and performance for Maven, Go, and Python projects provide more reliable and faster security feedback. The included dependency updates directly enhance the security posture of the applications being tested by ensuring the scanning tool itself is up-to-date.