Merge branch 'main' into feat/IDE-1462_allow-iac-excludes

Author: bastiandoetsch

cliv2/go.mod

@@ -18,10 +18,10 @@ require (
 	github.com/snyk/cli-extension-sbom v0.0.0-20250801142135-ae472dafa4cd
 	github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7
 	github.com/snyk/error-catalog-golang-public v0.0.0-20250912144134-a308b7983895
-	github.com/snyk/go-application-framework v0.0.0-20250917164002-527eabced057
+	github.com/snyk/go-application-framework v0.0.0-20250922111038-7c7521b077e1
 	github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 	github.com/snyk/snyk-iac-capture v0.6.5
-	github.com/snyk/snyk-ls v0.0.0-20250911124327-66ea5253a18c
+	github.com/snyk/snyk-ls v0.0.0-20250923135355-3f907ea89fcc
 	github.com/spf13/cobra v1.9.1
 	github.com/spf13/pflag v1.0.6
 	github.com/stretchr/testify v1.10.0
@@ -168,7 +168,7 @@ require (
 	github.com/shirou/gopsutil v3.21.11+incompatible // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/skeema/knownhosts v1.3.1 // indirect
-	github.com/snyk/code-client-go v1.23.4 // indirect
+	github.com/snyk/code-client-go v1.23.7 // indirect
 	github.com/snyk/policy-engine v1.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd // indirect

cliv2/go.sum

@@ -1264,22 +1264,22 @@ github.com/snyk/cli-extension-os-flows v0.0.0-20250915102829-6a59c2ef7e88 h1:m6k
 github.com/snyk/cli-extension-os-flows v0.0.0-20250915102829-6a59c2ef7e88/go.mod h1:dFrXORRzFNF+tJ/Z51MPEeWi3IU5MuLWkt1L3dxDMG4=
 github.com/snyk/cli-extension-sbom v0.0.0-20250801142135-ae472dafa4cd h1:bZg7Zkctm2tvaznI8A4/0fFOZMgglNAIFmIIlRz16W0=
 github.com/snyk/cli-extension-sbom v0.0.0-20250801142135-ae472dafa4cd/go.mod h1:zyKDBaETfZyI7BfIjPnezH3QX2seQrR/d7NM5W6LV9s=
-github.com/snyk/code-client-go v1.23.4 h1:GDvWVIEqSeAvuv43AMMGFARzpnolXqw0kMiyf4lETQc=
-github.com/snyk/code-client-go v1.23.4/go.mod h1:3d9rtr06j239obFmF7Ojl9KybivOTR3lz0vsmDNPsRI=
+github.com/snyk/code-client-go v1.23.7 h1:jbveMfbihjfbOcDGhzO62Ik966IPmHBFSpEf0nmuoZ4=
+github.com/snyk/code-client-go v1.23.7/go.mod h1:3d9rtr06j239obFmF7Ojl9KybivOTR3lz0vsmDNPsRI=
 github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7 h1:/2+2piwQtB9fEJCkXEOjboZjY+77lQfnvqBZ/60xNHk=
 github.com/snyk/container-cli v0.0.0-20250321132345-1e2e01681dd7/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM=
 github.com/snyk/error-catalog-golang-public v0.0.0-20250912144134-a308b7983895 h1:JrN/uGEMVprlres/CVMJybSKvaLuW59SfCHoT4TfvUk=
 github.com/snyk/error-catalog-golang-public v0.0.0-20250912144134-a308b7983895/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
-github.com/snyk/go-application-framework v0.0.0-20250917164002-527eabced057 h1:Hh6NV/bhfXaiurUHFSUSqInZ1bHecqQeHKoyKff3+tY=
-github.com/snyk/go-application-framework v0.0.0-20250917164002-527eabced057/go.mod h1:3qfDCCm6WiRb0xfX0fXlBS1sVbAbEsaCPeHEns/QVcA=
+github.com/snyk/go-application-framework v0.0.0-20250922111038-7c7521b077e1 h1:gIs6Nh7MlBgpbV/O5E6/1RTW4OG+zY+LdvaNO7RqwOw=
+github.com/snyk/go-application-framework v0.0.0-20250922111038-7c7521b077e1/go.mod h1:nHVL2jzsJao6vvlJAmre0NJlK2aafOn269w3wLMoU+g=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk=
 github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/snyk/policy-engine v1.1.0 h1:vFbFZbs3B0Y3XuGSur5om2meo4JEcCaKfNzshZFGOUs=
 github.com/snyk/policy-engine v1.1.0/go.mod h1:SSZiMz6TiggRAk33duOueWeSG0Xwl0QoZo8hfPcEAh0=
 github.com/snyk/snyk-iac-capture v0.6.5 h1:992DXCAJSN97KtUh8T5ndaWwd/6ZCal2bDkRXqM1u/E=
 github.com/snyk/snyk-iac-capture v0.6.5/go.mod h1:e47i55EmM0F69ZxyFHC4sCi7vyaJW6DLoaamJJCzWGk=
-github.com/snyk/snyk-ls v0.0.0-20250911124327-66ea5253a18c h1:aYF5SmCOTD4c8ikc9IDxuCgtsV/SW8u3v/D9XayxDd4=
-github.com/snyk/snyk-ls v0.0.0-20250911124327-66ea5253a18c/go.mod h1:FCGPpxsMFXV+t4KHd5q9oD10qmc0E4gXOkfl6DaCWc0=
+github.com/snyk/snyk-ls v0.0.0-20250923135355-3f907ea89fcc h1:a/7OhvR8/NSI/YXrskqHz58YwBmQF325tWEG95UXJX8=
+github.com/snyk/snyk-ls v0.0.0-20250923135355-3f907ea89fcc/go.mod h1:/nn33EsNm/KA7gqN4Kt4uM/Edi8w8KVjQFDIMfSs4hw=
 github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
 github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
 github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd h1:Dq5WSzWsP1TbVi10zPWBI5LKEBDg4Y1OhWEph1wr5WQ=

test/jest/acceptance/snyk-code/snyk-code-user-journey.spec.ts

@@ -560,14 +560,18 @@ describe('snyk code test', () => {
         });
 
         it('Stateful local code test --report', async () => {
+          const sarifFileName = 'sarifReportOutput.json';
+          const sarifFilePath = `${projectRoot}/${sarifFileName}`;
+
           const args = [
             'code',
             'test',
             '--report',
             '--project-name=cicd-user-journey-test',
+            `--sarif-file-output=${sarifFilePath}`,
             await ensureUniqueBundleIsUsed(projectWithCodeIssues),
           ];
-          const { stderr, code } = await runSnykCLIWithArray(args, {
+          const { stdout, stderr, code } = await runSnykCLIWithArray(args, {
             env: {
               ...process.env,
               ...integrationEnv,
@@ -576,6 +580,40 @@ describe('snyk code test', () => {
 
           expect(stderr).toBe('');
           expect([EXIT_CODE_SUCCESS, EXIT_CODE_ACTION_NEEDED]).toContain(code);
+
+          const sarifOutput = JSON.parse(readFileSync(sarifFilePath, 'utf8'));
+
+          // ensure that uploadResult metadata exists
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.projectId,
+          ).toBeDefined();
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.projectId,
+          ).not.toBe('');
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.snapshotId,
+          ).toBeDefined();
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.snapshotId,
+          ).not.toBe('');
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.reportUrl,
+          ).toBeDefined();
+          expect(
+            sarifOutput.runs[0].properties.uploadResult.reportUrl,
+          ).not.toBe('');
+
+          // ensure that the same report url is displayed in the stdout and in the sarif file
+          expect(stdout).toContain(
+            sarifOutput.runs[0].properties.uploadResult.reportUrl,
+          );
+
+          // cleanup file
+          try {
+            unlinkSync(sarifFilePath);
+          } catch (error) {
+            console.error('failed to remove file.', error);
+          }
         });
 
         it('Stateful remote code test --report', async () => {

test/smoke/alpine/Dockerfile

@@ -9,7 +9,7 @@ RUN apk add curl jq libgcc libstdc++
 # Install Gradle
 RUN apk update && \
     apk add openjdk11 && \
-    wget https://services.gradle.org/distributions/gradle-7.2-bin.zip && \
+    curl -LO https://services.gradle.org/distributions/gradle-7.2-bin.zip && \
     unzip gradle-7.2-bin.zip && \
     mv gradle-7.2 /opt/gradle && \
     ln -s /opt/gradle/bin/gradle /usr/bin/gradle && \

ts-binary-wrapper/package.json

@@ -2,6 +2,7 @@
   "name": "snyk",
   "version": "1.0.0-monorepo",
   "description": "snyk library and cli utility",
+  "mcpName": "io.snyk/mcp",
   "files": [
     "*"
   ],