fix(deps): update dependency @snyk/protect to v1.1303.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@snyk/protect	1.1301.2 → 1.1303.1

---

Release Notes

snyk/snyk (@​snyk/protect)

v1.1303.1

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• ui: Fixed an issue where JSON output was incorrectly printed to stdout when only --json-file-output was specified. (d6d465d)
• language-server: Fixed an issue where scans would not trigger when Snyk Code was enabled in IDE settings. (7567881)
• mcp: Fixed an issue where Snyk rules were not written locally. (7567881)

v1.1303.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• iac: users can now exclude specific files and directories from IaC scans using the --exclude parameter (3acbc6b)
• test, sbom: --json output of snyk test and snyk sbom test should now contain fields which were previously missing (isDisputed, proprietary, severityBasedOn, alternativeIds, mavenModuleName) (9996b27)
• sbom: sbom generated output will contain maven/npm scope information for those organizations with the show-maven-build-scope/show-npm-scope feature flag enabled (89d26f0)
• aibom: users can now pass the --upload and --repo flag to the experimental aibom command to persist their AI BOM into their Snyk organisation (e1fdae7)
• redteam: users can now retrieve red team scan results using snyk redteam --experimental get --id=<scan-id>. The scan command also now shows progress during execution. (fba40cc)
• redteam: users can now return an HTML report via --html or --html-file-output flags (aa76c04)
• mcp: users can now use snyk_package_health to validate package health (2b0edd2)
• mcp: users can now use profiles to select which tools are registered based on their use case, profiles can be configured via CLI flag (--profile=<lite|full|experimental>) or environment variable (SNYK_MCP_PROFILE). (2b0edd2)
• mcp: users will now have their Secure At Inception rules written at the global level. (495a2e0)
• container: snyk container sbom users can now use --username and --password to generate SBOMs for images in private registries (a7015a7)
• container: snyk container sbom users can now use --exclude-node-modules to exclude node_modules directories from the SBOM (a7015a7)
• container: snyk container sbom users can now use --nested-jars-depth to control the depth of nested JAR unpacking (a7015a7)
• container: snyk container sbom users can now pass docker-archive:, oci-archive:, kaniko-archive: prefixed paths or bare .tar file paths as the image argument (a7015a7)
• dependencies: updated minimum go version to v1.25.7 (5927337)

Bug Fixes

• test correctly scan NuGet package names case-insensitively (44bf86b)
• test handle absolute target file paths for poetry (d902590)
• test: improved maven version detection for versions greater than 3.6.3 (87853a8)
• test: fixes an issue where the runAutomationDetails field in sarif output is not unique (07dd36f)
• test: the automationDetails field is now rendered correctly when using the --sarif flag (3191e4d)
• test: improve error reporting when using --all-projects (6e3b5d5)
• ignores: ignores created via the snyk ignore command are now correctly applied if an expiry is set or if using an absolute filepath (a61589c)
• container use correct projectName value in container monitor JSON output (0e8feca)
• container: the --target-reference option is now correctly applied to application scan results in container tests, not just the OS scan results (70db44f)
• container: reverts previously introduced stricter validation that was a breaking change (rejecting true as a valid numeric argument) (70db44f)
• network: fix a possible panic when TLS config is nil (f601681)
• language-server: fixes an issue around API URL construction (35800c1)
• ui: improve the readability of error messages (763ac26)
• ui: some SNYK-CLI-0000 errors are now correctly categorised and displayed (3d02788)
• dependencies: update dependencies to fix SNYK-JS-AXIOS-15252993 (1e80d74)
• dependencies: update dependencies to fix SNYK-GOLANG-GOOPENTELEMETRYIOOTELSDKRESOURCE-15182758 [IAC-3497] (4b3d826)
• dependencies: update dependencies to fix SNYK-JS-TAR-15307072 (fbc5cb4)
• dependencies: update dependencies to fix SNYK-JS-MINIMATCH-15309438 (8e7873f)
• dependencies: update dependencies to fix SNYK-GOLANG-GOLANGORGXCRYPTOSSH-14059803 and SNYK-GOLANG-GITHUBCOMULIKUNITZXZLZMA-12230262 [IAC-3478] (1d2d723)

v1.1302.1

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• code: Resolves FedRAMP URI construction in the IDE (35800c1)
• test: PackageURL validation failed with go.mod replace directive (SNYK-CLI-0000) for snyk test (7eb2978)
• sbom: PackageURL validation failed with go.mod replace directive (SNYK-CLI-0000) for snyk sbom (fda61e0)

v1.1302.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• aibom: Improved Exit Code handling (d8fed82)
• container: Added support for OCI images with manifests missing platform fields (dae56aa)
• container: Added container scan support for cgo and stripped Go binaries (9b2ee6e)
• container: Added pnpm lockfile support (47db111)
• mcp-scan: Added experimental mcp-scan command (54b8376)
• sbom: Improved PackageURLs in SBOM documents for go.mod projects (c145efc)
• sbom test: Added support for deb, apk and rpm (9fd6f84)
• test: Added PackageURL information to go.mod dependency graphs (d90b54e)
• test: Added support for poetry development dependencies (6977004)

Bug Fixes

• container: Resolves false positive vulnerabilities for RHEL 10 container images (d4afe60)
• general: Upgraded multiple dependencies (e185c92)
• general: Fixed Exit Code handling when using incompatible glibc versions (66fbb50)
• general: Improved file filtering support with .gitignore (a16b853)
• mcp: Added rule file to .gitignore if not previously ignored (cc78694)
• test: Improved upload speed when using --reachability (da21315)
• test: Fixed npm v2 dependency resolution when using shadowing aliases (237a4f5)
• test: Fixed --exclude support for pnpm workspaces (293d9b1)
• test: Fixed SARIF output for Gradle projects to include the complete path in artifactLocation (ec1262e)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.