Snyk v1.1305.0: SBOM Flexibility & Container Scan Performance Boost

Snyk v1.1305.0 enhances security scanning with flexible SBOM generation, faster container monitoring, and critical bug fixes.

Key Changes

Features: Snyk v1.1305.0 introduces the --allow-incomplete-sbom flag for snyk sbom, allowing SBOM generation even when some projects fail to resolve. Failed projects are reported alongside successful ones. Performance for snyk container monitor improves by sending dependency requests in parallel, configurable via SNYK_REQUEST_CONCURRENCY. Linux ARM64 and AMD64 binaries are now statically linked by default, simplifying deployment. An experimental breakability evaluation tool was added to the Snyk MCP Server.
Bug Fixes: This update resolves issues with aliased npm package resolution and parsing of Python .whl files during --all-projects scans. Several internal dependency vulnerabilities (CVEs) have also been patched, enhancing the tool’s own security.

Impact for QA Teams

QA teams benefit from more reliable and faster security scans. The --allow-incomplete-sbom flag provides partial results instead of full failures, aiding in progressive issue resolution. Improved container scan performance means quicker feedback cycles, while bug fixes ensure more accurate vulnerability reporting for npm and Python projects.

Frequently Asked Questions

What is the main benefit of `--allow-incomplete-sbom`?

It allows generating an SBOM even if some project components fail, providing partial results instead of a complete failure.

How does `snyk container monitor` improve?

It's faster due to parallel dependency requests, configurable via `SNYK_REQUEST_CONCURRENCY`.

Were any security vulnerabilities fixed in Snyk itself?

Yes, several internal dependency vulnerabilities (CVEs) were patched in this release.

Snyk v1.1305.0: SBOM Flexibility & Container Scan Performance Boost

Key Changes #

Impact for QA Teams #

Frequently Asked Questions

Key Changes

Impact for QA Teams