Merge pull request #5886 from snyk/chore/pick-rc-changes

chore: cherry-pick changes for RC

Author: CatalinSnyk

binary-releases/RELEASE_NOTES.md

@@ -1,25 +1,29 @@
-## [1.1297.0](https://github.com/snyk/snyk/compare/v1.1296.2...v1.1297.0) (2025-05-14)
+## [1.1297.0](https://github.com/snyk/cli/compare/v1.1296.2...v1.1297.0) (2025-05-14)
 
 The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli)
 
 ### Features
 
-* **container:** Support scanning container images from tar files without specifying a type ([58b0861](https://github.com/snyk/snyk/commit/58b0861f8ff6577b281de49619f711b8842e096a))
-* **iac:** Improve IaC deployment to avoid on the fly downloads ([5108f58](https://github.com/snyk/snyk/commit/5108f58954b22de962cc3125f643e5823a439a20))
-* **sbom:** Introduce sbom monitor command ([24e96c3](https://github.com/snyk/snyk/commit/24e96c33f153071fe798ed1b7a3ec78e5cc35733))
-* **test:** Improve gradle module resolution  ([7991133](https://github.com/snyk/snyk/commit/79911337912082454e4362d9473c40699e059425))
-* **language-server:** Introduce explanation of AI fixes in IDEs
+* **container:** Support scanning container images from tar files without specifying a type ([58b0861](https://github.com/snyk/cli/commit/58b0861f8ff6577b281de49619f711b8842e096a))
+* **iac:** Improve IaC deployment to avoid on the fly downloads ([5108f58](https://github.com/snyk/cli/commit/5108f58954b22de962cc3125f643e5823a439a20))
+* **sbom:** Introduce sbom monitor command ([24e96c3](https://github.com/snyk/cli/commit/24e96c33f153071fe798ed1b7a3ec78e5cc35733))
+* **test:** Improve gradle module resolution  ([7991133](https://github.com/snyk/cli/commit/79911337912082454e4362d9473c40699e059425))
+* **language-server:** Introduce explanation of AI fixes in IDEs ([74fa322](https://github.com/snyk/cli/commit/74fa3224aef6ba68b7f55006b7d0ced92c6d7e57))
 
 ### Bug Fixes
 
-* **container:** Fix issue when scanning invalid node manifest files ([ceb8020](https://github.com/snyk/snyk/commit/ceb8020284db2b76abc42637caaa94d227c422ef))
-* **iac:** Ensure to use the correct org id when sharing results for v2 ([1c4094a](https://github.com/snyk/snyk/commit/1c4094aff5a21b08eefed47508d33668940af003))
-* **iac:** Ensure to use target-name ([2201f0a](https://github.com/snyk/snyk/commit/2201f0a46ac5747b4c58ed01990d1e9ae13f4eb7))
-* **sbom:** Fix issues when generating sboms based on NuGet .sln ([80c43d9](https://github.com/snyk/snyk/commit/80c43d9a6f9f3a29f5f0df679d75d82fed48a7f5))
-* **test:** Fix issues when scanning gradle projects on Windows ([11586cc](https://github.com/snyk/snyk/commit/11586cc587b3a05c2e7d279a3f40857f8c752068))
-* **test:** Improve error messages when using fail-fast, all-projects and json ([a396bd6](https://github.com/snyk/snyk/commit/a396bd6ea4abd443a0ffce2a29b3f7e6154859ac))
-* **test:** Fix yarn 2 out of sync issues ([18aee45](https://github.com/snyk/snyk/commit/18aee454a87fbeed480839fc91a04123840c6ff5))
-* **test:** Fix pnpm out of sync issue for duplicated peer and dev dependencies ([2581e16](https://github.com/snyk/snyk/commit/2581e169ac813df49e8eccce8ae4bfd85f01378e))
-* **test:** Ensure internal dependencies are represented correctly when normalizing Gradle dependencies ([c7e2713](https://github.com/snyk/snyk/commit/c7e2713a4d1d961857b95038c186085e14d8f415))
-* **language-server:** Fix and improve issue filtering in IDEs
+* **container:** Fix issue when scanning invalid node manifest files ([ceb8020](https://github.com/snyk/cli/commit/ceb8020284db2b76abc42637caaa94d227c422ef))
+* **code:** Fix hash mismatches for files containing non-UTF-8 content ([33d33e9](https://github.com/snyk/cli/commit/33d33e92bba76cff694cc5ee9e9b2e4b9274a673))
+* **iac:** Ensure to use the correct org id when sharing results for v2 ([1c4094a](https://github.com/snyk/cli/commit/1c4094aff5a21b08eefed47508d33668940af003))
+* **iac:** Ensure to use target-name ([2201f0a](https://github.com/snyk/cli/commit/2201f0a46ac5747b4c58ed01990d1e9ae13f4eb7))
+* **sbom:** Fix issues when generating sboms based on NuGet .sln ([80c43d9](https://github.com/snyk/cli/commit/80c43d9a6f9f3a29f5f0df679d75d82fed48a7f5))
+* **test:** Fix issues when scanning gradle projects on Windows ([11586cc](https://github.com/snyk/cli/commit/11586cc587b3a05c2e7d279a3f40857f8c752068))
+* **test:** Improve error messages when using fail-fast, all-projects and json ([a396bd6](https://github.com/snyk/cli/commit/a396bd6ea4abd443a0ffce2a29b3f7e6154859ac))
+* **test:** Fix yarn 2 out of sync issues ([18aee45](https://github.com/snyk/cli/commit/18aee454a87fbeed480839fc91a04123840c6ff5))
+* **test:** Fix pnpm out of sync issue for duplicated peer and dev dependencies ([2581e16](https://github.com/snyk/cli/commit/2581e169ac813df49e8eccce8ae4bfd85f01378e))
+* **test:** Ensure internal dependencies are represented correctly when normalizing Gradle dependencies ([c7e2713](https://github.com/snyk/cli/commit/c7e2713a4d1d961857b95038c186085e14d8f415))
+* **test:** Fix testing composer-based PHP projects ([39e3379](https://github.com/snyk/cli/commit/39e337965740f6242a22f998cc433d7842468490))
+* **language-server:** Fix and improve issue filtering in IDEs ([a474d67](https://github.com/snyk/cli/commit/a474d67a55c5b0684462b867fba1acf5dabcb000))
+* **language-server:** Fix unmanaged C/C++ scans with '—unmanaged' flag in additional parameters ([01f53e3](https://github.com/snyk/cli/commit/01f53e39c7d05c33aba9f219de958262202b5545))
+* **language-server:** Fix applying Snyk Code AI fixes on the wrong lines ([01f53e3](https://github.com/snyk/cli/commit/01f53e39c7d05c33aba9f219de958262202b5545))
 

cliv2/go.mod

@@ -16,10 +16,10 @@ require (
 	github.com/snyk/cli-extension-sbom v0.0.0-20250422133603-a5ae6fdf0934
 	github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7
 	github.com/snyk/error-catalog-golang-public v0.0.0-20250429130542-564b0605020e
-	github.com/snyk/go-application-framework v0.0.0-20250430064233-182d2c5dc53a
+	github.com/snyk/go-application-framework v0.0.0-20250505092137-65a591adf20f
 	github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 	github.com/snyk/snyk-iac-capture v0.6.5
-	github.com/snyk/snyk-ls v0.0.0-20250430123225-137c0037fe26
+	github.com/snyk/snyk-ls v0.0.0-20250512123322-655181e23a17
 	github.com/spf13/cobra v1.9.1
 	github.com/spf13/pflag v1.0.6
 	github.com/stretchr/testify v1.10.0
@@ -179,7 +179,7 @@ require (
 	github.com/shirou/gopsutil v3.21.11+incompatible // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/skeema/knownhosts v1.3.1 // indirect
-	github.com/snyk/code-client-go v1.21.2 // indirect
+	github.com/snyk/code-client-go v1.21.3 // indirect
 	github.com/snyk/policy-engine v0.33.2 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd // indirect

cliv2/go.sum

@@ -802,22 +802,22 @@ github.com/snyk/cli-extension-iac-rules v0.0.0-20250227121450-6e14346dbd1a h1:SJ
 github.com/snyk/cli-extension-iac-rules v0.0.0-20250227121450-6e14346dbd1a/go.mod h1:IqfQCIkyC26mkwa+aM6d6yxIh5+tCm4fSQG+Ogq3Qbc=
 github.com/snyk/cli-extension-sbom v0.0.0-20250422133603-a5ae6fdf0934 h1:0RCTH9C0zaTrnqpKLaLXTmP7suwWEHBNVwQSaR8Aifo=
 github.com/snyk/cli-extension-sbom v0.0.0-20250422133603-a5ae6fdf0934/go.mod h1:Q8dmRgcpHTk711dkLVtpkTF5RvLkQVcExGuv1cyx/zU=
-github.com/snyk/code-client-go v1.21.2 h1:6SnfB/abNyzbgs3A7RhZHOfx0Ng3FKTdS9NrUsBGUUs=
-github.com/snyk/code-client-go v1.21.2/go.mod h1:WH6lNkJc785hfXmwhixxWHix3O6z+1zwz40oK8vl/zg=
+github.com/snyk/code-client-go v1.21.3 h1:2+HPXCA9FGn3gaI1Jw1C4Ifn/NRAbSnmohFUvz4GC4I=
+github.com/snyk/code-client-go v1.21.3/go.mod h1:WH6lNkJc785hfXmwhixxWHix3O6z+1zwz40oK8vl/zg=
 github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7 h1:/2+2piwQtB9fEJCkXEOjboZjY+77lQfnvqBZ/60xNHk=
 github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM=
 github.com/snyk/error-catalog-golang-public v0.0.0-20250429130542-564b0605020e h1:XFGkHDWA8JTPLr82QzoKVqGytofEYBf68VqoUq8yvXk=
 github.com/snyk/error-catalog-golang-public v0.0.0-20250429130542-564b0605020e/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
-github.com/snyk/go-application-framework v0.0.0-20250430064233-182d2c5dc53a h1:cxh5DtyXAFOyQVE+eQSDuv0iCswR3a+2TnSdM9So13g=
-github.com/snyk/go-application-framework v0.0.0-20250430064233-182d2c5dc53a/go.mod h1:1QAWcdnzXVz7OLZjtfuEwLFShJJyGA1H6fu63+RJyB4=
+github.com/snyk/go-application-framework v0.0.0-20250505092137-65a591adf20f h1:L3B/8mDqRayNAiWf2cx2nhirQQI9x9yMfxDqpA+SwcE=
+github.com/snyk/go-application-framework v0.0.0-20250505092137-65a591adf20f/go.mod h1:Hy8dugDhTPRPe99Bf4mG7zeh7+OobdWfX5dzhbeQQsU=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/snyk/policy-engine v0.33.2 h1:ZxD6/RQ4vqUAXa64V72SsGjZ8vmnBgZNGYQxMIqctYo=
 github.com/snyk/policy-engine v0.33.2/go.mod h1:YTZq3GMRbXcHOXQQrFRVEg+MQiIGCGZ1met6KlpruNo=
 github.com/snyk/snyk-iac-capture v0.6.5 h1:992DXCAJSN97KtUh8T5ndaWwd/6ZCal2bDkRXqM1u/E=
 github.com/snyk/snyk-iac-capture v0.6.5/go.mod h1:e47i55EmM0F69ZxyFHC4sCi7vyaJW6DLoaamJJCzWGk=
-github.com/snyk/snyk-ls v0.0.0-20250430123225-137c0037fe26 h1:0jIlFQ8sGXxOh8XboXmBfyHhooqflR2Mzdz3/2ofsj0=
-github.com/snyk/snyk-ls v0.0.0-20250430123225-137c0037fe26/go.mod h1:xbvwtDAjQuol2GI45d6awmmRQ3TYcC3jdHFGn+2bTjQ=
+github.com/snyk/snyk-ls v0.0.0-20250512123322-655181e23a17 h1:hXj6nw+bHawhOS4Dbo0fxk1+J5jN8BQaG5RNwavyYaA=
+github.com/snyk/snyk-ls v0.0.0-20250512123322-655181e23a17/go.mod h1:xbvwtDAjQuol2GI45d6awmmRQ3TYcC3jdHFGn+2bTjQ=
 github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
 github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
 github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd h1:Dq5WSzWsP1TbVi10zPWBI5LKEBDg4Y1OhWEph1wr5WQ=

help/cli-commands/sbom-monitor.md

@@ -4,7 +4,7 @@
 
 ## Usage
 
-`snyk monitor [<OPTIONS>]`
+`snyk sbom monitor --experimental [<OPTIONS>]`
 
 ## Description
 
@@ -35,7 +35,7 @@ Use the `-d` option to output the debug logs.
 
 ### `--experimental`
 
-Required. Use experimental command features. This option is currently required as the command is in its experimental phase.
+Required. Use experimental command features. This option is required because the command is in its experimental phase.
 
 ### `--file=<FILE_PATH>`
 

help/cli-commands/sbom-test.md

@@ -4,7 +4,7 @@
 
 ## Usage
 
-`snyk sbom test --experimental --file=<FILE_PATH> [<options>]`
+`snyk sbom test --experimental --file=<FILE_PATH> [<OPTIONS>]`
 
 ## Description
 

package-lock.json

@@ -125,7 +125,7 @@
     "snyk-nodejs-lockfile-parser": "1.60.1",
     "snyk-nodejs-plugin": "1.4.4",
     "snyk-nuget-plugin": "2.7.15",
-    "snyk-php-plugin": "1.10.0",
+    "snyk-php-plugin": "1.12.1",
     "snyk-policy": "4.1.4",
     "snyk-python-plugin": "2.6.0",
     "snyk-resolve-deps": "4.8.0",

package.json

@@ -7,6 +7,7 @@ import { execSync } from 'child_process';
 import { runCommand } from '../../util/runCommand';
 import * as fs from 'fs-extra';
 import { makeTmpDirectory } from '../../../utils';
+import * as crypto from 'crypto';
 
 expect.extend(matchers);
 jest.setTimeout(1000 * 120);
@@ -78,7 +79,8 @@ async function ensureUniqueBundleIsUsed(path: string): Promise<string> {
   }
 
   // add a random file to ensure a new bundle is created
-  fs.writeFileSync(`${newPath}/tmp.java`, `test${Math.random().toString(36)}`);
+  const randomBytes: Buffer = crypto.randomBytes(100);
+  fs.writeFileSync(`${newPath}/tmp.java`, randomBytes, { encoding: 'binary' });
   return newPath;
 }