salesforcedx-vscode icon indicating copy to clipboard operation
salesforcedx-vscode copied to clipboard

Published 20 hours ago verified publisher icon forcedotcom

chore(deps-dev): bump snyk from 1.977.0 to 1.991.0

Open dependabot[bot] opened this issue 2 years ago • 1 comments

Bumps snyk from 1.977.0 to 1.991.0.

Release notes

Sourced from snyk's releases.

v1.991.0

1.991.0 (2022-08-23)

Features

  • add report summary (d8e4ea8)
  • pass policy (.snyk) to iac-test via the config file. (6d3ad76)

v1.990.0

1.990.0 (2022-08-22)

Bug Fixes

  • none custom policies severity issues should be filtered out before sending them to registry (4acacd2)

v1.989.0

1.989.0 (2022-08-19)

Bug Fixes

  • downgrade snyk-go-plugin to 1.19.0 (4643026)
  • increase buffer size (8079fe3)
  • update golang plugin (a0e30d9)
  • upgrade-docker-registry-v2-client (275afb1)

Features

  • pass remote-repo-url arg to snyk-iac-test (18e8c87)

v1.988.0

1.988.0 (2022-08-17)

Bug Fixes

  • return exit code 3 when no resources can be found (9d2e41f)
  • upgrade docker-registry-v2-client lib (374ba55)

Features

  • pass target-name arg to snyk-iac-test (4352122)
  • stop caching rules (71c866e)

v1.987.0

1.987.0 (2022-08-15)

... (truncated)

Commits
  • 42d4720 Merge pull request #3602 from snyk/feat/pass-ignores-to-snyk-iac-test-CFG-2088
  • 6d3ad76 feat: pass policy (.snyk) to iac-test via the config file.
  • 08e9672 Merge pull request #3617 from snyk/chore/reenable_regression_test
  • fa4e464 chore: re-enable test
  • 900ddd4 Merge pull request #3612 from snyk/feat/add-report-summary
  • 02f422a Merge pull request #3601 from snyk/refactor/update-iac-types
  • f93b562 refactor: use IacTestFlags type instead of generic Options
  • c3095cf Merge pull request #3606 from snyk/fix/none-custom-policies-filtering
  • d8e4ea8 feat: add report summary
  • 0a5a129 Merge pull request #3611 from snyk/fix/regression_tests
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Aug 23 '22 20:08 dependabot[bot]

A newer version of snyk exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

dependabot[bot] avatar Aug 31 '22 13:08 dependabot[bot]