Skip to content

feat: add warning for container --nested-jars-depth flag#6596

Open
ividalATSnyk wants to merge 6 commits intomainfrom
CN-270-feat-nested-jars-depth-warn
Open

feat: add warning for container --nested-jars-depth flag#6596
ividalATSnyk wants to merge 6 commits intomainfrom
CN-270-feat-nested-jars-depth-warn

Conversation

@ividalATSnyk
Copy link

@ividalATSnyk ividalATSnyk commented Feb 25, 2026

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages
    are release-note ready, emphasizing
    what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

  • Add deprecation warning for --shaded-jars-depth
  • Add warnings for non-numeric inputs for --nested-jars-depth

Where should the reviewer start?

Warnings are generated by snyk-docker-plugin and pulled out in src/cli/commands/test/index.ts if CONTAINER_NEW_FACTS_FEATURE_FLAG is turned on

Automated tests added in test/jest/acceptance/snyk-container/container.spec.ts

NOTE: Given that this PR updates snyk-docker-plugin to the latest version, it also resolves a myriad of different bugs and issues. Setting to version 9.2.1.

More info in the releases page.

How should this be manually tested?

  1. Verify Deprecation Warning for --shaded-jars-depth
SNYK_API=https://app.snyk.io/api/v1 node index.js container test alpine:latest --shaded-jars-depth=3
--shaded-jars-depth is deprecated, use --nested-jars-depth instead

Testing alpine:latest...

Organization:      randd-enablement-template
Package manager:   apk
Project name:      docker-image|alpine
Docker image:      alpine:latest
Platform:          linux/arm64
Target OS:         Alpine Linux v3.23
Licenses:          enabled

✔ Tested 16 dependencies for known issues, no vulnerable paths found.
  1. Verify Warning for Non-numeric Inputs
SNYK_API=https://app.snyk.io/api/v1 node index.js container test alpine:latest --nested-jars-depth=true
Non-numeric inputs for --nested-jars-depth are deprecated, replace with a numeric input

Testing alpine:latest...

Organization:      randd-enablement-template
Package manager:   apk
Project name:      docker-image|alpine
Docker image:      alpine:latest
Platform:          linux/arm64
Target OS:         Alpine Linux v3.23
Licenses:          enabled

✔ Tested 16 dependencies for known issues, no vulnerable paths found.

What are the relevant tickets?

@ividalATSnyk ividalATSnyk requested review from a team as code owners February 25, 2026 21:28
@snyk-io
Copy link

snyk-io bot commented Feb 25, 2026

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 25, 2026

Warnings
⚠️

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones.
A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax.
Files found:

  • src/cli/commands/test/index.ts
⚠️ There are multiple commits on your branch, please squash them locally before merging!

Generated by 🚫 dangerJS against 976d7f0

@ividalATSnyk ividalATSnyk changed the title feat nested jars depth warn feat: add warning for container --nested-jars-depth flag Feb 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant