Product Updates

We are thrilled to announce that the Prevention Report is now available in Early Access!

Measuring the true impact of "shifting left" has traditionally been a challenge. We designed the Prevention report to give you clear, actionable visibility into the effectiveness of security adoption directly within your development lifecycle.

This new report tracks the vulnerabilities developers proactively remediate at the point of creation in Snyk Code and Secrets—long before those issues ever reach a pull request or production environment. Data is seamlessly captured in the background as your team works across our developer surfaces, including Snyk Studio (MCP), IDE plugins and extensions, and the CLI.

The Prevention report enables you to:

• Measure proactive security: Track the total number of raw fixes and monitor your fix rate over time using our new prevention key performance indicators (KPIs).

• Analyze developer workflows: Break down fixes by surface area to understand exactly where your team prefers to resolve issues (MCP, IDE, or CLI).

• Identify trends and champions: Leverage the Fix-by-Developer leaderboard and detailed vulnerability breakdowns to see which types of vulnerabilities developers squash immediately, and which ones are detected but left unfixed.

• Enrich your Analytics Overview: Enable fix-by-surface KPIs and a new fix trends chart directly within your primary Analytics Overview dashboard for a comprehensive view of your security posture.

You can now directly measure the effectiveness of your IDE or MCP-based security efforts. By tracking vulnerabilities remediated early in the development lifecycle, you gain the data needed to prove the success of your security programs and validate your application security strategy.

To learn more, visit our Snyk User Documentation.

New Model & New Architecture

We're happy to announce we're upgrading Agent Fix to use the Claude family of models enhanced by Snyk's tooling and intelligence. This move delivers the following major improvements:

Security & Functional Enhancements

• Agentic Retries: Our new workflow now detects where code suggestions deviate from security best practices. Instead of discarding the result, the system analyzes the failure and injects tailored guidance into the agent's subsequent attempts. 

• Dynamic Few-Shot Prompting: We now use the same training set used to fine-tune our internal model to dynamically provide secure fix examples for the new model to follow. 

Expanded Support

• Full Language Coverage: We will enable support for all Snyk Code languages on Day 1, removing previous limitations on language availability.

• Comprehensive Rule Support: AI-powered fixes are now available for all supported rules and vulnerability types across the platform.

Measurable Impact

• Golden Test Benchmark: Both Sonnet 4.6 and Opus 4.6 saw improved performance against Snyk’s Golden Test benchmark (72.4% to 82.5% and 74.6% to 85.4% respectively) with this new architecture vs. the models on their own.

Check out the blog for more details. This update started rolling out on May 26th and will reach 100% by end of day on May 28th.

We are pleased to announce the release of new stable versions for our IDE plugins.
The new versions are:

• Visual Studio Code v2.31.0

• JetBrains v2.21.0

• Eclipse v3.9.0

• Visual Studio v2.9.0

This release is focused on enhancing stability and reliability, with key updates including:

• Fixed download URL fallback when the CLI is not found

• Fixed race conditions in authentication flows

• Added support for JetBrains 2026.1

Along with additional bug fixes, security updates, and improvements.

Please refer to the changelog for each of our plugins for a more detailed list of additional bug fixes and enhancements. You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk Support team.

Python is at the heart of the modern AI revolution but for many developers the packaging ecosystem has felt like a bottleneck: burdened by slow installs and fragmented tooling. The emergence of uv has changed that, offering a high-performance alternative that has quickly become the industry standard.

Today, we are excited to announce that Snyk is bringing native support for uv to the Snyk CLI, IDE, and GitHub Actions. This integration ensures that teams can embrace the speed of uv without ever having to trade off on security.

With this update, Snyk enables you to seamlessly integrate uv security scanning directly into your existing Snyk workflows, wherever you are using the CLI.

What’s supported?

Native uv support is currently in Early Access. During this phase, you can use the following commands to secure your uv projects via the CLI:

• snyk test: Scan your uv dependencies for known vulnerabilities.

• snyk monitor: Continuously monitor your project and receive alerts for new risks.

• snyk sbom: Generate a Software Bill of Materials for your uv-based applications.

In addition to the CLI, this support extends to the Snyk IDE extensions, MCP server, and GitHub Actions, providing security coverage wherever you code.

Getting started

If you were part of the closed beta, you can begin using these features immediately on the latest stable release of the CLI (v1.1304). Otherwise, please enable the preview by navigating to the Snyk UI and toggle the feature under Snyk Preview.

What’s next?

We are committed to full-ecosystem support for uv. While this release focuses on the CLI and developer tools, SCM support will follow in the upcoming months.

Documentation

Please see the documentation for more information.

We have released a new version of our Visual Studio Code IDE plugin. This update addresses minor bug fixes and improvements, including:

• Addresses an issue where the CLI installation warning was incorrectly displayed despite the CLI being installed and the plugin functioning correctly.

If you have any questions, feel free to reach out to the Snyk support team.

We have released a new CLI hotfix (v1.1303.1) to address the following:

• IDE plugins: Fixes an issue where customers using our most recent IDE plugins release may encounter scans not triggering when Snyk Code is enabled in their IDE settings

• UI: Fixes an issue where JSON output was rendered twice to disk and to standard output

• MCP: Fixes an issue where Snyk rules were not written locally

Release notes can be found here.

If you have any questions, please don’t hesitate to reach out to the Snyk support team.

We are pleased to announce the release of new stable versions for our IDE plugins.
The new versions are:

• Visual Studio Code v2.29.0

• JetBrains v2.20.0

• Eclipse v3.8.0

• Visual Studio v2.8.0

This release is focused on enhancing stability and reliability, with key updates including:

• Better error messages when the CLI binary is corrupt

• Bug fix for JetBrains plugins to prevent crashes on startup

• Improvements for “New” issues view when using non-standard git configurations

• Improved org selection when an empty org is specified

Along with additional bug fixes, security updates, and improvements.

Please refer to the changelog for each of our plugins for a more detailed list of additional bug fixes and enhancements. You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk Support team.

We have released a new version of our Visual Studio Code IDE plugin. This update addresses minor bug fixes and improvements, including:

• Fix for the automated registration of Snyk’s MCP server when using Snyk’s IDE plugin and Copilot in VSCode

If you have any questions, feel free to reach out to the Snyk support team.

We are pleased to announce the release of new stable versions for our IDE plugins.

The new versions are:

• Visual Studio Code v2.28.0

• JetBrains v2.19.0

• Eclipse v3.7.0

• Visual Studio v2.7.0

This release is focused on enhancing stability and reliability, with key updates including:

• Automated Org Selection is now generally available: When enabled, Snyk will automatically select the most appropriate organization for your project based on context from your repository and your authentication. If an organization is configured manually, this feature will be overridden. If an appropriate organization cannot be identified automatically, the preferred organization defined in your web account settings will be used as a fallback.

• New Unified Settings Page: We are rolling out a new unified design for our plugin settings across all our IDE plugins. Users can opt into this new experience early by following the instructions in the User Docs.

• Risk Scores (Closed Beta): Customers in this closed beta will see a calculated risk score for Open Source issues in the issue details panel and will be able to filter issues by a risk score threshold, in conjunction with existing filters such as severity.

Note: For Visual Studio Code, new Settings will only appear after the application has been restarted.

Please refer to the changelog for each of our plugins for a more detailed list of additional bug fixes and enhancements. You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk Support team.

We are pleased to announce the release of new stable versions for our IDE plugins. The new versions are:

• Visual Studio Code v2.27.0

• JetBrains v2.18.0

• Eclipse v3.6.0

• Visual Studio v2.6.0

This release is focused on enhancing stability and reliability, with key updates including:

• Automated Org Selection (Early Access): When enabled, Snyk will automatically select the most appropriate organization for your project using context found in your repository and your authentication. If an organization is configured manually, this feature will be overridden. If an appropriate organization cannot be identified automatically, the preferred organization defined in your web account settings will be used as a fallback.

Note: For Visual Studio Code, new Settings will only appear after the application has been restarted.

Please refer to the changelog for each of our plugins for a more detailed list of additional bug fixes and enhancements. You can learn more about the Snyk IDE plugins in our Learn resources.

If you have any questions, feel free to reach out to the Snyk Support team.