build(deps): bump snyk from 1.1140.0 to 1.1187.0 #267

dependabot · 2023-06-30T09:41:58Z

Bumps snyk from 1.1140.0 to 1.1187.0.

Release notes

v1.1187.0

1.1187.0 (2023-06-30)

Features

update to golang 1.20.5 and pin build image version (#4730) (853622b)

v1.1186.0

1.1186.0 (2023-06-27)

Features

new snyk-iac-test version (#4723) (274e7d3)

v1.1185.0

1.1185.0 (2023-06-23)

Bug Fixes

remove now obsolete process name from user-agent (f5ae4e6)

Use correct env var for integration environment name (9c32eb4)

Features

use sha256 for webpack (8652f46)

v1.1184.0

1.1184.0 (2023-06-23)

Bug Fixes

container sarif replace colon within location uri (6b3e046)

Features

Enable header modification for all legacy CLI requests (c57ed6e)

v1.1183.0

1.1183.0 (2023-06-19)

Features

container sarif flag support without file (d74fafb)

... (truncated)

Commits

39cda18 chore: add secret scanning to CICD and pre-commits (#4720)
853622b feat: update to golang 1.20.5 and pin build image version (#4730)
274e7d3 feat: new snyk-iac-test version (#4723)
c458a1a Merge pull request #4721 from snyk/fix/HEAD-357_remove_process_name
f5ae4e6 fix: remove now obsolete process name from user-agent
8919aba Merge pull request #4718 from snyk/fix/HEAD-357_integration_env
9c32eb4 fix: Use correct env var for integration environment name
13ea20e Merge pull request #4715 from snyk/feat/HEAD-386_webpack_sha256
8652f46 feat: use sha256 for webpack
7e422c0 Merge pull request #4670 from snyk/fix/container-sarif-replace-colon-within-l...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [snyk](https://github.com/snyk/snyk) from 1.1140.0 to 1.1187.0. - [Release notes](https://github.com/snyk/snyk/releases) - [Commits](snyk/cli@v1.1140.0...v1.1187.0) --- updated-dependencies: - dependency-name: snyk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>